Skip to main content

VPN - Virtual Private Network

VPN grants you access to content and services that are otherwise only accessible from within the university, e.g. licensed databases and e-resources, including full texts from the library of the university. Access is implemented using the open-source software solution OpenVPN.

 

The login is done with the user data of your ZIMT account, as used for webmail or Moodle, for example.

viele blaue virtuelle schlösser

VPN profiles

Uni-VPN

  • This is the right choice for most users.
  • Upon successful login via the Uni-VPN profile, the user is assigned a random (dynamic) IP address from the university's VPN address range.
  • Multiple VPN sessions are possible on different devices when using this profile.
Uni-VPN profile (Windows)Uni-VPN profile (everything else)

Admin VPN profile

Only needed if special firewall permissions are required, using a static VPN address assigned to the user. An example would be remote access to a workstation computer from outside the university.

Admin VPN profile (Windows)Admin VPN profile (everything else)

VPN profile for external users

As with the admin VPN profile, this is only required for special firewall permissions. This profile is only intended for users who are not members of the university.

External VPN profile (Windows)External VPN profile (everything else)

General information

Multiple concurrent VPN sessions via the admin profile or the VPN profile for external users are not possible!


The OpenVPN service is fully IPv6-capable. In addition to the IPv4 address, an IPv6 address is also assigned and the traffic for both protocols is redirected through the tunnel. This is also the case if the network in which the device is located does not itself have an IPv6 Internet connection.

Testing the connection

The following links can be used to check whether the VPN tunnel is being used successfully for connections:

When using the Uni-VPN profile:

When using the Admin VPN profile:

FAQ

Please test whether you have a working internet connection. Try to access a website of your choice. If this does not work, it is not a VPN problem.

 

If you have a functioning Internet connection, it is possible that the operator of the network in which your device is located is blocking the necessary VPN ports in its firewall(udp/443 and udp/1194).

 

In this case, please download the following profiles and import them into your OpenVPN application.

 

 

However, it is recommended to use the udp profiles by default, unless you are experiencing the above-mentioned problems.

The log of the connection setup says:

 

There are no TAP-Windows adapters on this system. You should be able to create a TAP-Windows adapter by going to Start -> All Programs -> TAP-Windows -> Utilities -> Add a new TAP-Windows virtual ethernet adapter.

Exiting due to fatal error

 

The TAP driver was not installed. Uninstall OpenVPN (`Start -> Settings -> Apps; select OpenVPN and click on uninstall). Then please reinstall OpenVPN.

If you have deactivated IPv6 on your system, you will receive an error when establishing a connection (only applies to starting via the console). Either enable IPv6 on your system or edit your profile file and add the following lines:

pull-filter ignore ifconfig-ipv6
pull-filter ignore route-ipv6

The existing configuration files no longer work. Please delete the old profiles (uni, admin etc.) and reinstall them.

Due to a bug in iOS 9, IPv4 traffic is routed past the tunnel. This means that protected university content cannot be accessed despite a VPN connection being established.


The workaround is to disable IPv6 in the iOS app (Settings ->IPv4-ONLY Tunnel)

The connection log states:

 

Tunnelblick: Warning: DNS server address 141.99.2.2 is not a public DNS server known to Tunnelblick and is not being routed through the VPN

 

Problem: Avira has installed its own VPN software called Avira Phantom VPN. This must be uninstalled, as well as the existing VPN connections from the system settings.