VPN Setup
As you as students will need to connect to h_da internal services from time to time to work on projects or tasks assigned to you during exercises we provide an updated VPN access based on WireGuard.
This document aims to guide you through the process of configuring your device to be able to connect to the VPN and therefore to h_da internal services.
Obtaining a VPN device configuration
Faculty Members
Faculty members need to use a different WireGuard Access Server to obtain their VPN configuration. You will find the Access Server here: mavpn.fdbi.h-da.de
To obtain a WireGuard configuration for your device head over to the WireGuard Access Server. Here you will be presented with two ways of logging in:
On this page, log in with your Student credential (username: stXXXXXX
, password: <your pw>
).
On a successful login, you will be prompted to grant access to StudentVPN
.
Choose Authorize
to complete the OIDC login, and you will be brought back to a dashboard
to manage your VPN devices.
Tip
While logged in to Gitlab you may also set up two-factor authentication (2FA). This is however not necessary to access the VPN, but a good security practice. A guide to enable 2FA on Gitlab can be found here.
Adding a new device
In the WireGuard access server's dashboard you will see a dialog to enter a new device name. Enter a name for a new config file and click Add
Afterwards, you will be presented with a popup to download the WireGuard configuration file.
Notice
Choose a very descriptive name for the configuration, as you will need to create a new configuration for each additional device you want to connect.
While it is possible to use the same configuration file on multiple devices, this is discouraged as then only one device will be able to connect at one time. Multiple devices sharing a config and being connected at the same time will lead to strange and unexpected behavior.
Obtaining the client
After we obtained our configuration file we need to download the WireGuard client from the download page. This page is also linked within the dialog box where we obtained the configuration file.
Adding the config file
Having installed WireGuard on your device, add the previously obtained configuration file by
clicking the + icon in the bottom left corner and choosing Import Tunnel(s) from File...
.
Checking connected devices
The WireGuard Access Server's dashboard will also show you the activity of your connected devices. This way you can easily check which clients are currently connected if you have created multiple configuration files. From here you can also delete a client which will render the configuration file invalid.