VPN (Virtual Private Network)



The University of Texas Health Science Center at Houston provides remote access to the UTH network (inside the firewall) via a Virtual Private Network (VPN) solution. This permits a remote user (at home, from a satellite campus, with a laptop from their hotel room, etc.) to connect into the University network system and function as if they were sitting at their desk at the University. Basically all resources they typically access while at work (file services, data systems, printers, e-mail, etc.) they can access from a remote location. Note that this does require some type of Broadband connection like a cable modem or DSL service and does not work via a dial-up connection. Also, depending on the resources being accessed, the machine being used needs to have the appropriate software installed to access those resources. For example, if a user wants to access their e-mail just like they do at work (using Outlook) they need to have Outlook installed on the remote machine. Or if a user wants to administer their SQL Server Database, they will need the SQL Enterprise Management tools installed on the remote machine.

LDAP Credentials required for VPN Access

The credentials you need for connecting to the VPN are your LDAP UID and password. These are the same username and password you use to log onto a computer at SPH, to log into Blackboard, to get to your e-mail, and to log into the Timesheet system (also referred to as your UTH password).

If you do not know your LDAP UID, contact anyone at SPH IT Services for assistance.

If you have a digital ID and know your LDAP username, you can reset your LDAP password without knowing the old password. Go to http://www.uth.tmc.edu/netcenter/change_pass.htm and use your digital ID to change the password.

If you do not have a digital ID and do not know your LDAP password, please send a message to [email protected] or contact anyone at SPH IT Services to have your password reset.

Note that your LDAP account requires a 'strong' password with the following restrictions:

• Passwords must be at least 8 characters long
• They must contain a mix of upper and lower case alpha characters
• They must have at least 2 non-alpha characters (numerals and/or special characters)
• Passwords must begin and end with an alpha character
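
The four rules above as a local pre-check, written as an added PowerShell example that is not part of the original guide. The function name is hypothetical, and "alpha" is assumed to mean the ASCII letters A-Z and a-z.

```powershell
# Added example (not from the original guide). Function name is hypothetical.
# Assumption: "alpha" means the ASCII letters A-Z and a-z.
function Test-LdapPasswordPolicy {
    param([string]$Candidate)

    $violations = @()

    if ($Candidate.Length -lt 8) {
        $violations += 'shorter than 8 characters'
    }
    # -cnotmatch is case-sensitive; -notmatch would not tell a-z from A-Z.
    if ($Candidate -cnotmatch '[a-z]' -or $Candidate -cnotmatch '[A-Z]') {
        $violations += 'needs both upper and lower case letters'
    }
    # Digits and special characters both count as non-alpha.
    if ([regex]::Matches($Candidate, '[^A-Za-z]').Count -lt 2) {
        $violations += 'needs at least 2 non-alpha characters'
    }
    # \A and \z anchor to the very first and very last character.
    if ($Candidate -cnotmatch '\A[A-Za-z]' -or $Candidate -cnotmatch '[A-Za-z]\z') {
        $violations += 'must begin and end with a letter'
    }

    # The candidate itself is deliberately left out of the result object.
    [pscustomobject]@{
        Compliant  = ($violations.Count -eq 0)
        Violations = $violations -join '; '
    }
}

# Constructed sample candidates, not real passwords.
foreach ($candidate in 'Summer2024', 'pass12word', 'Tr4il-Mix') {
    Test-LdapPasswordPolicy -Candidate $candidate
}
```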

Connecting to the UTH VPN

The IT Security Team provides an easy way for users to access the UTH network while away from work. This is called SSL VPN. All that is needed is a standard web browser, Internet connection, and a valid UTH username and password.

The IT Security web site at UTH provides detailed instructions for connecting to the VPN. The Thin Client Setup information on that page is particularly helpful.

VPN Quick Start Guide

• Open Internet Explorer and browse to http://govpn.uth.tmc.edu.
• If your browser notifies you that you will be accessing a secure site, click ok to continue.
• Land on the SSL VPN login page, and enter your UTH username and password here.
• Choose the Install button to install the Aventail Access Manager, and then select Run from the security warning dialog that pops up.
• The first time you use the site, you may be prompted to accept a couple of add-ons for your browser. Follow the instructions on the screen to run those Active-X controls.
• Access your UTH resources just as if you were on the university network.
• Be sure to Log Out (top right corner of UTHSC-H VPN browser session) when you are done with your work!

Accessing Resources Via the VPN Connection

Now that you have successfully connected to the VPN, next you can set your machine up to actually get some work done. The steps below will help you get started with getting your machine set up to reliably access network resources from your remote connection. All of the following steps are intended to be followed while you are connected to the VPN.

See if you can get on the Internet

The first test to see if your VPN Connection is working is to see if you can get on the Internet with your Web Browser. Open your browser and navigate to a site outside of the UTH System; http://www.cnn.com for example. If you can't get your web browser to work, then you probably won't be able to connect to other network resources either. If your web browser does not work, try re-booting your PC, re-connecting to the VPN and then run your browser again.

Testing Connectivity to the Servers You Need to Reach

Chances are the two servers you need to be able to access most often are the mail server and the file server. Once you have established the VPN Connection, choose Start/Run and type Command in the run dialog and click OK. This will open a DOS window. At the command line, type Ping SPHCLU (the file server) as seen below, and press Enter.

You probably won't get any replies, but if it returns the correct IP address of 129.106.153.83, then you have connectivity to the file server. Try the same Ping command for the mail server by typing Ping UTHEVS1 and press Return. Again, you are looking for a return of the correct IP Address (in this case 129.106.9.56).
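
Since ping replies are not expected, the resolved address is the real signal. The following added PowerShell example, not part of the original guide, resolves each server's short name and fully qualified name and flags any name that fails to resolve or resolves to a different address than the one this guide lists. The host names and addresses are the ones quoted on this page; the function name is hypothetical.

```powershell
# Added example (not from the original guide). Run it while connected to the VPN.
# Names and addresses are those quoted in this guide; the function name is hypothetical.
$expected = @(
    @{ Role = 'File server'; Names = 'SPHCLU', 'sphclu.sph.uthouston.edu'; Address = '129.106.153.83' }
    @{ Role = 'Mail server'; Names = 'UTHEVS1', 'uthevs1.mail.uthouston.edu'; Address = '129.106.9.56' }
)

function Test-VpnNameResolution {
    param([hashtable[]]$Servers)

    foreach ($server in $Servers) {
        foreach ($name in $server.Names) {
            try {
                # Same system resolver that ping uses; keep IPv4 answers only.
                $resolved = @([System.Net.Dns]::GetHostAddresses($name) |
                    Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
                    ForEach-Object { $_.IPAddressToString })
            } catch {
                # The lookup throws when the name cannot be resolved at all.
                $resolved = @()
            }

            if ($resolved.Count -eq 0) {
                $status = 'NoResolution'   # name is unknown from this machine
            } elseif ($resolved -contains $server.Address) {
                $status = 'OK'             # matches the address in the guide
            } else {
                $status = 'Mismatch'       # resolves, but not to the listed address
            }

            [pscustomobject]@{
                Role     = $server.Role
                Name     = $name
                Expected = $server.Address
                Resolved = $resolved -join ', '
                Status   = $status
            }
        }
    }
}

Test-VpnNameResolution -Servers $expected | Format-Table -AutoSize
```

A short name that reports NoResolution while its fully qualified name reports OK is the case where the fully qualified name should be used in the steps that follow.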

Mapping network drives

If you can successfully browse the web and ping the servers, then you should be able to connect to file services. Try mapping a network drive to a resource you use at the office (Your W: drive for example if you have one). Right-click on the Start button and choose Explore from the pop-up menu to open Windows Explorer. Then choose Tools/Map Network Drive from the Menu to get the following dialog box.

Select W: as the drive letter and type in \\sphclu\username$ in the folder field where username is your UTH Username (e.g., your first initial + last name), then click on the "different user name" link to open the following dialog. Note: It may be necessary to use the fully qualified domain name or IP address of the server. If the folder specified above does not work, try \\sphclu.sph.uthouston.edu\username$ or \\129.106.153.83\username$

Enter the Domain Name (UTHOUSTON) followed by a backslash ( \ ) and then your username (see the example above), then type your password in the Password field and click OK then click Finish. Now you should have a W: drive available in your Windows Explorer as shown below.

When you are finished working with your Network drive(s), you can choose Tools/Disconnect Network Drive from the Windows Explorer window to access a dialog for disconnecting drives.

If you are not able to connect to network drives, there may be a few settings to add to your Networking properties on the remote machine. Go to Start/Settings/Control Panel/Network Connections and you will get a dialog that looks something like this.

Right-click on the Local Area Connection entry for your Network Adapter (the adapter for your connection to your Cable/DSL Modem or Ethernet network) and choose Properties from the pop-up menu. A dialog like the one below should open.

Find the entry for Internet Protocol (TCP/IP), select it and click the Properties button to get a dialog like this.

Click the Advanced button to get to a dialog like this.

Then click the WINS tab and set the NetBIOS setting to "Enable NetBIOS over TCP/IP". Below is an example of how your WINS settings should appear.

Then click OK. Your machine may or may not require a re-boot after these changes. If you are prompted for a re-boot, be sure to re-connect to the VPN after re-booting, and then try mapping your network drive(s) again.

If you are still unable to connect to network drives, contact SPH IT Services for additional troubleshooting advice.

Configuring Outlook for your SPH e-Mail

If your VPN and network settings are correctly configured, you should be able to set Outlook 2007 up on the remote machine to access your UTH e-Mail on the Exchange Server. Assuming you already have Outlook installed, go to Start/Settings/Control Panel/Mail (sometimes labeled "Mail and Fax") and you will get the following dialog.

Click the Show Profiles button. If there are any Profiles listed that you are not familiar with, Select them and choose the Remove button. If you are planning to have more than one profile on the remote machine, be sure to select the Radio button for "Prompt for a profile to be used".

Then click the Add button and type in a name for your new Profile and click OK. The following dialog should appear. Be sure to select the check box for “Manually configure server settings or additional server types” then click Next and you should get this dialog box.

Select the Radio button for "Microsoft Exchange" and click Next and you should get this dialog box. Fill in the Microsoft Exchange Server field with uthevs1 and the User Name field with your UTH User Name.

Then click the Check Name button and your user name should resolve to your full display name. In the example here, the user name is "charvey" and it resolves to "Harvey, Christopher M."

If your name does not resolve when you click the Check Name button, Outlook probably won't work when you try to open it. You might try using the fully qualified machine name for the Exchange Server (uthevs1.mail.uthouston.edu) and see if your name resolves. If your name won’t resolve, see the sections on Mapping Network Drives above and on Troubleshooting your VPN Connection below to try to correct the connectivity problem and then try configuring your Outlook Profile again.

When your username resolves to your full display name, click the More Settings button to get the following dialog.

Select the Connection Tab and check the box for “Connect to Microsoft Exchange using HTTP”, then click the Exchange Proxy Settings button.

Select the Security Tab and check the box for "Always prompt for logon credentials" as shown in the next dialog. This forces Outlook to prompt you for a Username, Password, and Domain when you attempt to start it. Since your remote machine is not officially "on" the UTH network (although you are connected to the VPN), you need to provide your UTH credentials to successfully get to your mail.

Set the Exchange Proxy Settings dialog to match this next dialog box and then click OK. Setting these parameters in your Outlook 2007 client will actually allow you to access your UTH e-mail without a VPN connection in the future.

Then click OK and Next and you should be presented with a Logon Dialog as shown here. Enter your UTH username with an "@uthouston.edu" after it, and then your password as shown in the dialog below and click OK.

You should get a dialog like below confirming your profile was successfully created.

Click Finish and OK to get out of the Mail Configuration wizard. Now you are ready to run Outlook. Again, be certain your VPN Connection is active. Open Outlook and you should be presented with the Logon dialog again like below.

Enter your UTH username with an "@uthouston.edu" after it, and then your password as shown in the dialog below and click OK to start Outlook.

Any mail objects you have saved on the UTH Server in your Outlook Profile at work, should be available when connected via the VPN. What you don't immediately have access to is any Personal Folders Files (.pst) that you might have as part of your profile at work. These can be added to your remote configuration, but because there are so many different possibilities for how and where your .pst file(s) are set up, this probably needs to be addressed on an individual basis. Contact SPH IT Services for additional assistance if you need to be able to access your Personal Folders (.pst) files in your remote configuration.