!!! Translated by Google Translate !!!
The VPN service is intended for access to the CTU network for employees and PhD students. It allows them to use applications accessible from the CTU network from home.
Download and install Cisco VPN client from download.cvut.cz server. To login use usermap.cvut.cz username and password.
To set up a client:
To create a new connection:
- Connection entry: cvut
- Host: vpn.cvut.cz
- Name: vpn
- Password: vpn
Figure 1: New connection
If you want to use the VPN tunnel only to access applications in the CTU network (ie to prevent other Internet / local traffic from using VPN), we recommend that you set the Group Authentication items Name and Password to “vpncvut”.
If you do not have a public IP address, for example, if you are connecting via GPRS or are using a home router, check the “Transport” tab and select “Enable Transparent Tunneling”.
Figure 2: NAT Traversal
If you fail to establish a connection to the VPN server, ie the login window does not pop up when you try to connect, see. Fig. 3, try the “Enable Transparent Tunneling” setting to select “IPSec over TCP, TCP Port: 10000”.
To login use usermap.cvut.cz login .
Figure 3: Login window
After successful login, the Cisco client icon will appear on the toolbar
Figure 4: Connected to VPN
You can simply disconnect by clicking on the icon.
Figure 5: Disconnected from VPN
Modify the routers metric for not tunneling all traffic to VPN
After logging in to VPN, all traffic is routed via VPN. For example, there may be a problem with getting computers / services on your local private network. If any of the users need to modify the traffic that is / is not routed to the VPN, it is necessary to use the script to modify the metric during routing. Below is a guide from Martina Pecky:
The routing metric is changed as follows:
route change 0.0.0.0 MASK 0.0.0.0 126.96.36.199 METRIC 200 IF 22
Where the number after IF is the interface number assigned to the Cisco VPN adapter. This number can be determined by following the procedure (once only, the number does not change):
First we find the name of the connection that the Cisco client made. In the command output
netsh int ipv4 show config
we can find a connection with the gateway 188.8.131.52 (this can be called Local Area Connection 2, for example).The interface number for this connection can be found from the following command in the Idx column.
netsh int ipv4 show interfaces
The script that changes through the route change command must be run with administrator privileges.
Additional VPN tutorials
Instructions for Windows 8 and 10
Manual for Rectorate of CTU