Virtual Private Network Frequently Asked Questions

What is VPN, why do I need it, and when should I use it?

A Virtual Private Network (VPN) is a way for Internet information packets to be transferred between two sites using a secure "virtual tunnel". VPN works as a private connection between RIT systems and a remote location by "encapsulating" the information so that the packets are safe from third-party interception. You should use VPN when you are connecting to RIT resources that are protected from outside use, such as the Human Resources Self Serve page or a secure service that your department uses. These services are only accessible from outside the RIT network using VPN. Your supervisor will notify you if the systems you work with require VPN. You may also use VPN any time you wish to have a secure connection between your remote location and RIT systems.

Do I still need to have an Internet Service Provider (ISP) like Road Runner, DialIP, Frontier, etc.?

Yes. VPN works along with your ISP to give a secure connection between your home computer and the RIT campus. VPN does not replace your ISP; it works to protect data transmissions from being intercepted by a third party.

Will I have a faster Internet connection?

No. Your Internet connection may actually slow down because VPN takes up some bandwidth on your connection.

Will I need to learn a new program to use VPN?

No. You will not need to learn a new program. Once you install VPN you will only need to click on the VPN icon to connect. You will see no difference in your programs and there are no new applications to learn.

 

I want to get a router for my home network. Is there anything I should know about router functionality with VPN before I buy one?

Absolutely! If you are going to purchase a new router, and you will be attempting to use VPN through it, be sure it either states it is enabled with NAT transparency or allows for VPN passing. Most of the newer routers have this feature, but investigate it before you buy.

Is there an alternative to using VPN to connect to Exchange?

Yes. You will need to set up the Microsoft Outlook client to use RPC over HTTPS.

What does the "Remote Peer Disconnected" or "Remote Peer Rejected" message mean?

There are several factors that may contribute to this error message. Please read the following descriptions; they may help determine the cause of this error on your system.

Firewalls and routers are the main cause of the "Remote Peer" errors. The following steps may help you troubleshoot your setup to allow VPN to pass through your router and/or firewall.

Q: I am running a personal firewall on my machine. What port

If your machine is behind a firewall or running a personal firewall, the following ports need to be opened to the VPN server(s):

  • UDP Port 62515 (only port required for Windows XP SP2 users)
  • UDP Port 4500
  • UDP Port 10000
  • TCP Port 10000

To change port settings in your Windows XP SP2 firewall, open Control Panel and select the Windows Firewall. Under the exceptions tab, click add port. In the description, type "UDP 62515" or the port number, then type the port number and select the appropriate port type, i.e. UDP 62515. If your firewall (or possibly a NAT box) cannot properly deal with IPSEC, you can configure your client to tunnel all IPSEC traffic over UDP and TCP port 10000 and simply open that port on your firewall. Do this from properties, general tab: click the box next to enable transparent tunneling and then click the radio button for allow IPSEC over UDP. If you have questions regarding the function of your firewall, consult your manufacturer’s documentation or contact their tech support.
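
As an added example (not from the original FAQ or from RIT): a small Python check that compares a set of firewall exceptions against the ports listed above and flags exceptions opened more widely than to the VPN server. The `proto/port scope` rule format, the address 192.0.2.10, the IPv4-only handling and all function and constant names are assumptions made for illustration.

```python
import ipaddress

# Ports the FAQ lists; per the FAQ, Windows XP SP2 users need only UDP 62515.
REQUIRED = {
    "default": {("udp", 62515), ("udp", 4500), ("udp", 10000), ("tcp", 10000)},
    "xp_sp2": {("udp", 62515)},
}

# Constructed sample data (documentation address range, not a real VPN server).
VPN_SERVERS = ["192.0.2.10"]
SAMPLE_RULES = [
    "udp/62515 192.0.2.10",   # scoped to the VPN server only
    "udp/4500 any",           # open to every remote address
    "udp/10000 192.0.2.0/24", # open to a whole subnet
    "tcp/3389 any",           # not a port the FAQ asks for
]

def parse_rule(line):
    """Parse one 'proto/port scope' line (hypothetical export format)."""
    service, scope = line.split()
    proto, port = service.lower().split("/")
    return proto, int(port), scope.lower()

def audit(rule_lines, vpn_servers, profile="default"):
    """Return (missing, too_broad, unneeded) lists of (proto, port) pairs."""
    servers = {ipaddress.ip_address(s) for s in vpn_servers}
    needed = REQUIRED[profile]
    covered = {key: set() for key in needed}
    too_broad, unneeded = set(), set()
    for line in rule_lines:
        proto, port, scope = parse_rule(line)
        key = (proto, port)
        if key not in needed:
            unneeded.add(key)  # exception the FAQ does not require
            continue
        cidr = "0.0.0.0/0" if scope == "any" else scope
        net = ipaddress.ip_network(cidr, strict=False)
        hits = {s for s in servers if s in net}
        covered[key] |= hits
        if net.num_addresses > len(hits):
            too_broad.add(key)  # admits addresses other than the VPN server
    missing = sorted(k for k, got in covered.items() if got != servers)
    return missing, sorted(too_broad), sorted(unneeded)

if __name__ == "__main__":
    for name in REQUIRED:
        print(name, audit(SAMPLE_RULES, VPN_SERVERS, name))
```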

 

I have a router set up on my home network and am getting the "Remote Peer" error. What should I be looking for?

Routers that were manufactured before June 2002 may be incompatible with VPN. Many of the routers that were manufactured before this time did not allow for NAT transparency. This means that they do not allow VPN traffic to pass through them. There are two solutions to this problem:
  1. On the machine you are trying to connect to VPN with, unplug the Ethernet cable that goes into the router and plug it directly into your modem. This configuration is the same setup that your provider uses for a single machine. Connecting directly to the modem rather than through the router allows VPN to be accessible to the machine.
  2. Contact the manufacturer of your router. They will be able to tell you if the router you are using uses NAT transparency (or allows VPN passing). If it does not, ask if they have a firmware update that allows this feature, and ask them to assist you with the update. If you have questions regarding your router’s capabilities, consult your manufacturer’s documentation or contact their tech support.