Mechanical and Industrial Engineering / Services&Safety / Computing Services / VPN

Faculty of Applied Science and Engineering / University of Toronto

Home / Services & Safety / Computing Services / VPN

MIE VPN Service

MIE VPN is the departmental Virtual Private Network service of the Department of Mechanical and Industrial Engineering which provides faculty, researchers and students remote access to the internal MIE research network.

The VPN service is a convenient and secure way to access your office and lab desktops and printers from home or while travelling with your portable computer. When your remote computer successfully connects and authenticates to the VPN service, it will become part of the MIE research network as if you were in the department.

(Note to MIE Departmental Staff: This service does not give access to the MIE Administrative network.)

Contents:

What you need
Installation

Installing MIE-vpn and UTORvpn (recommended)
Installing MIE-vpn without UTORvpn (users without UTORid)

Connecting to MIE VPN

Connection example for Windows
Connection example for MacOS X
Testing the VPN connection

Connecting to your MIE desktops and printers

Example: Windows Remote Desktop connection
Example: Mac OS X access to shared folders
Example: Network printing from wireless laptop

MIE-vpn vs UTORvpn

What you need:

1. Windows, Linux/Unix or MacOS X with any internet connection (DSL, Cable, etc)

2. UTORid login and password to sign up for UTORvpn. Optional but strongly recommended.

3. MIE user login and password (same login as for your @mie.utoronto.ca email account). Strictly required.

All you need to do is install the VPN software on your home PC or on the portable computer with which you travel.

Installation:

MIE VPN uses the same software as the UofT VPN service (UTORvpn), with a customized configuration. It is recommended to install UTORvpn first and then add MIE-vpn to it, as described below. For guests or visitors who do not have a UTORid (needed for UTORvpn) or can't install UTORvpn for any reason, we provide alternative installation instructions below.

Note: Install the VPN software only on the computer from which you want to connect, e.g. only on your home computer or the notebook with which you travel. You do not need to install the software on the computer that you want to access (MIE office or lab computer).

Installing MIE-vpn and UTORvpn (recommended method)

1. Sign up and install the UTORvpn software. If you already have UTORvpn, skip to step 2.

Go to www.vpn.utoronto.ca and follow the instruction to install UTORvpn for your system. You need your UTORid to sign up and download the software.

Windows installation
Linux or Unix installation
MacOS X Tiger (10.4) installation
MacOS X Leopard (10.5) installation

Follow the UTORvpn instructions to connect:

Windows usage
Linux or Unix usage
MacOS X usage

Test that the connection is working.
The following link will tell you if you are connected to UTORvpn: Click here for connection test.

2. Download and save the MIE VPN configuration file.

Important: For security, the following file can only be downloaded if you are connecting with UTORvpn or from any UToronto network. If you are installing it from home, connect to UTORvpn first or you would get Permission Denied on the following step.

Click to download the following file: mie-vpn-1.ovpn

Save and copy mie-vpn-1.ovpn into the UTORvpn folder of your system disk:

Windows XP: \Documents and Settings\Your_Name\Application Data\OpenVPN\config
Windows Vista: \Users\Your_Name\AppData\Roaming\OpenVPN\config
MacOS X: Home folder, Library/openvpn
Unix/Linux: /etc/openvpn

Windows XP note: If "Application Data" does not appear under "Documents and Settings", open Windows Explorer, choose Tools - Folder Options; in the View tab enable "Show Hidden Files and Folders"

Windows Vista note: If "AppData" does not appear under "Users", open Windows Explorer, choose Organize, Folders and Search Options; in the View tab enable "Show Hidden Files and Folders".

Mac OS X note: You should have the following files in your Library/openvpn folder: utorvpn.ovpn and mie-vpn-1.ovpn

Proceed to Connect to MIE-vpn

Installing MIE-vpn without UTORvpn (for users without UTORid)

If you do not have a UTORid or are not eligible for UTORvpn access, use these instructions to install the software (OpenVPN) and add the MIE-vpn configuration file. Note that the installation might be considerably more difficult in some systems (Mac, Linux, Unix). Also, if you later on install UTORvpn you will have to uninstall and reinstall using the instructions in the previous section.

1. Go to www.openvpn.net, download and install the latest version of OpenVPN.

Make sure to install version 2.1 or newer. Version 2.0 will not work with the MIE-vpn. As of this writing (Apr 2008) there are only installation packages for Windows. If there are no packages for your operating system (e.g. Mac, Linux or Unix) you would have to install by compiling the source code (inexperienced users should not attempt this).

Mac OS X users install Tunnelblick application from www.tunnelblick.net

2. Download and save the MIE VPN configuration file.

Important: For security, the following file can only be downloaded if you are connecting from any UToronto network. You can download it and save it when you are in the departmant and take it home, or ask your supervisor or a colleague to download it from the department and email it to you.

From a UToronto or MIE connection, click to download the following file: mie-vpn-1.ovpn

Save and copy mie-vpn-1.ovpn into the OpenVPN config folder of your system disk:

Windows: \Program Files\OpenVPN\config
Unix/Linux: /etc/openvpn
Mac OS X: Home/Library/openvpn

Connecting to MIE VPN:

Important: You have the choice to connect to either UTORvpn or MIE-vpn. Unfortunately it is not possible to connect to both at the same time. Disconnect from UTORvpn before connecting to MIE-vpn.

Open the UTORvpn or OpenVPN software.
Mac OS X: Run the Tunnelblick application (in the Applications folder).
Choose mie-vpn-1 and connect.
Type your MIE user login and password (same login as for your @mie.utoronto.ca email account)

After a few seconds you should get confirmation that the connection was successful. Now you should be able to reach your lab/office desktops and printers.

Test: The following link will tell you if you are connected to the MIE VPN: Click here for connection test.

Connection example for Windows:

1. Open the OpenVPN icon on the Windows desktop. (Windows Vista: Right-click icon and select "Run as Administrator"!)
2. Right-click the small OpenVPN network icon on the system tray (near the clock).
3. Choose mie-vpn-1 then Connect.

4. Type your MIE user name and password.

5. After a few seconds the connection should be ready. Note that the system tray icon turns green.
6. To disconnect, right-click the small OpenVPN system tray network icon, choose mie-vpn-1 and Disconnect.

Connection example for MacOS X:

Follow the example to Connect to UTORvpn; you should have an extra option to "Connect to mie-vpn-1".
Use your MIE user name and password to connect to MIE-vpn (instead of the UTORid needed for UTORvpn).

Testing the VPN connection

The following link will tell you if you have sucessfully connected to the MIE VPN: Click here for connection test.

Connecting to your MIE desktops and printers:

After a successful connection to MIE VPN, you should be able to connect to desktops, printers and other networked machines in the MIE network. For example, by connecting using Remote Desktop, Virtual Network Computing (VNC), File Sharing, etc.

You would need to know the IP address of the office or lab computer that you wish to access, before you try remote access. The IP address should be four numbers, such as 192.168.#.# or 128.100.#.#.

Windows: Open a Command Prompt window (Start - Run - "cmd") and type the command "ipconfig".
MacOS X: System Preferences - Network
Linux/Unix: "ifconfig" command.

Hint: Check the network settings and test the connection while you are still in the department, before you go home or away. If you can establish connection between two computers in the department, it should also work remotely through the VPN.

Note: Most desktop computers in the MIE network have "dynamic IP address" which means that the IP address may change from time to time. However, the IP address should remain the same for as long as the computer is running. In most cases, the same IP address is reassigned when the computer is restarted. If your computer is changing IP address often, contact us if you wish to have a permanent, static IP address (not recommended for portable computers).

Important! Make sure that your computers are password protected!

Example: Windows Remote Desktop connection

You want to access your MIE office PC (OFFICEPC) from home (HOMEPC) using Remote Desktop.

In OFFICEPC:

Make sure that passwords are needed to login to Windows. Otherwise anyone could access your computer!
Check in "Control Panel" - "User Accounts".
Assign strong passwords to your Windows account and for every user of the computer.
Enable Remote Desktop: Control Panel - System - Remote tab; in the Remote Desktop section, "Allow users to connect..."
Check IP address: Start - Run - "cmd". Type the command "ipconfig". Example: "IP Address: 192.168.15.250"

Test the connection from another computer in your office or in your lab (for example LABPC2):

Start - All Programs - Accessories - Communications - Remote Desktop Connection
Remote Desktop Computer: "192.168.15.250" (the IP address of OFFICEPC)
You should see OFFICEPC's logon screen. Logon to Windows as you normally do.
You should have full control of OFFICEPC.
If the connection fails, double-check settings, check if a software firewall is blocking, etc

Now back at home in HOMEPC:

Install MIE-VPN software as described earlier in this document, if you haven't done so.
Connect to MIE-VPN and use your MIE login and password to connect.
Optionally but recommended, test the VPN connection.
Run Remote Desktop Connection as you did from LABPC2:
Start - All Programs - Accessories - Communications - Remote Desktop Connection;
Remote Desktop Computer: "192.168.15.250"
Logon to OFFICEPC. You should have full control as if you were in the office.

Example: Mac OS X access to shared folders.

You want to access the shared folders on your office Mac OS X desktop ("Office Mac") from your home Mac OS X computer ("Home Mac").

In "Office Mac" :

Set up File Sharing in Systems Preferences - Sharing.
Add the folders you wish to share.
IMPORTANT: Make sure you are the only user allowed to access the shared folders. Remove access from everyone else.
Find out the IP address of the computer, in System Preferences, Network.
Example: "IP address: 192.168.15.251"

In "Home Mac":

Install MIE-VPN software as described earlier in this document if you haven't done so.
Connect to MIE-VPN. Use your MIE login and password to connect.
Optionally but recommended, test the VPN connection.
In Finder, in the Go menu, select "Connect to server"
Type the IP address of "Office Mac". Example: 192.168.15.251
You should be prompted for your "Office Mac" password and if successful your folders are displayed.

Example: Network printing from wireless laptop.

Problem: Your laptop prints to a network printer while connected to the (wired) MIE network but can't print when you connect to the UofT wireless network, nor from any other network.

Solution: Install and connect to the MIE-vpn. No other changes are needed; printing will work while you are connected to the MIE VPN.

MIE-vpn vs UTORvpn

After you have done the VPN software installation, you have the choice to connect to MIE-vpn (departmental) or UTORvpn (institutional). The following are the similarities and differences:

Both MIE-vpn and UTORvpn use open-source software (OpenVPN), with support for Windows, Macs, Linux & Unix systems.
UTORvpn gives you access to University resources (e.g. libraries) but not to departmental internal networks.
MIE-vpn gives you access to University resources and to the MIE departmental research network.
You login to MIE-vpn with your MIE user account. You login to UTORvpn with your UTORid.
When connected to UTORvpn, all your internet traffic goes through the VPN connection and through UofT, which might be slower.
When connected to MIE-vpn, only MIE and UofT network connections go through the VPN, other internet access goes directly to the internet via your regular ISP servers.