If you run a firewall, it is imperative that the firewall rules allow the VPN traffic to pass in order to make a successful connection between your computer and the VPN server. Many firewalls are not configured to pass VPN traffic by default; you may need to reconfigure them yourself in order to permit the VPN connection.
This document cannot provide configuration instructions for the various manufacturers' firewalls. However, some general guidelines apply.
If your firewall controls access by identifying computers rather than by identifying ports, you should configure your firewall to allow trusted communication with the CITES VPN server.
If your software asks for a "host name" or "site", enter vpn3.near.uiuc.edu.
If your software asks for an "IP address", enter 22.214.171.124.
For example, ZoneAlarm handles computer-specific security by allowing you to add a host name or IP address to the "Trusted Zone" under the Firewall section's Zone tab. Other third-party firewalls may handle this differently.
To configure the free edition of ZoneAlarm to work with the campus VPN server:
- Open ZoneAlarm.
- Select the Firewall option.
- On the Main tab, verify that the "Trusted Zone" security setting is set to medium.
- On the Zones tab, click Add, then Host/Site.
- To add the VPN server to your Trusted zone, enter the VPN server's name: vpn3.near.uiuc.edu.
- Add a description of this entry. "CITES VPN server" is recommended.
- Click OK.
Some firewalls require specific details about what ports and protocols should be permitted. The ports and protocols that are required for VPN traffic are:
|Service||Protocol number||Destination port|
|PPTP Control Connection||6 (TCP)||1723|
|PPTP Tunnel Encapsulation||47 (GRE)||N/A|