FIXME **This page is not fully translated, yet.**

======= VPN via eduVPN =======

===== What is eduVPN? =====

eduVPN allows university users to safely and easily access resources available at the university from home. Users only need to install an app and log in with their university account. A [[en:services:network_services:vpn:start |virtual private Network (VPN)]] extends the university's network via public internet so that users can send and receive data securely over public networks. Just as though your device was directly connected to the university's network.

We highly recommend to use eduVPN with the apps of the same name and to not set it up manually. The reason is that any specific configuration is only valid for 16 hours.

<WRAP center round important 60%>
==== What are the most important differences between eduVPN and Cisco AnyConnect? ====
  * eduVPN can only be used if a 2nd factor was set up in [[https://id.academiccloud.de/security|id.academiccloud.de/security]].
  * Instructions on how to configure your 2nd factor can be found [[https://docs.gwdg.de/doku.php?id=en:services:general_services:customer_portal:security:two_factor_authentication| in our Wiki]].
  * Devices with TouchID, FaceID or Windows Hello we recommend either this 2nd factor; alternatively you can use the eduMFA app [[https://play.google.com/store/apps/details?id=io.edumfa.authenticator&pcampaignid=web_share|Google PlayStore]] or [[https://apps.apple.com/us/app/edumfa-authenticator/id6479982721?platform=iphone|Apple AppStore]] .
  * Users can (and should) set up multiple 2nd factors, just in case one of them is lost or unavailable for any reason.
  * A new login is required every 16 hours.
  * eduVPN works significantly faster in the "Wireguard" mode.
</WRAP>

=====How to set up eduVPN =====
**Please first set up the 2nd factor(s) for your account at [[https://id.academiccloud.de|id.academiccloud.de]]**
==== Download and installation ====

Find the required software/apps for the common platforms at https://www.eduvpn.org/client-apps/.
  * Choose your device's OS (Windows, macOS, Linux, Android, iOS) and click on the corresponding download link to get the installation file.
{{:de:services:network_services:vpn:eduvpn_7_.png?nolink&600|}}
 
===Windows===
  * Open the downloaded file to start the installation.
  * Follow the instructions during the installation process.
  * Start the eduVPN-application and follow the illustrated instructions below.
===macOS===
  * Click on the provided link that should lead you directly to the eduVPN app in the App Store.
  * Tap on the eduVPN symbol to open the app. Agree to the changes and data protection notice, then follow the illustrated instructions below.
===iOS/Android===
  * Download the app from the relevant app store; the eduVPN app is also available from various alternative stores like F-Droid.
  * Follow the illustrated instructions below.
===Linux===
  * Install the app according to the instructions for your Linux version [[https://docs.eduvpn.org/client/linux/installation.html]].
  * The Linux app uses the NetworkManager for management of the VPN tunnels and thus integrates smoothly with most Linux distributions.
  * Beside the graphical application, also the command line tool eduvpn-cli is delivered with the packages. With that, the tunnel creation can be quite easily integrated into your own workflows.
  * Please note: bitte beachten: The 2nd factor is madatory! An unattended tunnel recreation is not for security reasons is not provided!

==== How to use the app====
  * Start the app.
  * In the search box, type: university of göttingen
 {{:de:services:network_services:vpn:eduvpn_8_.png?nolink&400|}}
  * Next, please click on the search result displayed:
 {{:de:services:network_services:vpn:eduvpn_9_.png?nolink&400|}}
  * You will be redirected to the Academic Cloud login; enter your credentials as usual:
 {{:de:services:network_services:vpn:eduvpn_10_.png?nolink&400|}}
<WRAP center round info 60%>
At this point you need to have a second factor previously configured. If you are required to "choose an additional login factor" and the list is empty, you haven't done so yet. Please set up a second factor at [[https://id.academiccloud.de/security|id.academiccloud.de/security]].
</WRAP>

  * On the website now displayed, confirm your login with 'Approve':
 {{:de:services:network_services:vpn:eduvpn_11_.png?nolink&400|}}
  * You can now close the browser window
  * and should see a dialog where you can choose one of several profiles.
  * In some cases another click on 'University of Göttingen and GWDG' will be required.
  * Choose the appropriate profile: 
  * OpenVPN Studierende – a proven VPN connection based on the OpenVPN' protocol; works in almost any third-party network
  * Wireguard Studierende – a modern VPN connection based on the 'Wireguard' protocol; needs significantly less processing time and consequently often works faster; however, it isn't functional in all third-party networks/is sometimes blocked.

===== Why do I have to re-login after 16 hours?=====
  * For security reasons, it was determined that once a day the presence of the 2nd factor must be verified.
  * Tests showed that a login period of 24 hours very often caused expiration to happen on the following day in the middle of an important conference, therefore the duration was set to less than 24 hours but significantly more than a working day.
  * Expiration of logins 'every night at 4h CEST' is inconvenient for users in different time zones.
===== I am using multiple Academic Cloud accounts at the same time =====
It can be unsatisfactory to have to juggle two SSO (i.e. Single Sign On, one login for (nearly) all services, as provided by Academic Cloud) accounts in one web browser, e.g. one's student and employee's account. For Firefox users, there is a solution named "Container".

With Firefox containers you can run to different, independent sessions in your browser, e.g. to simultaneosly use two different SSO accounts.
==== Installation of Firefox Containers ====
  * In your Firefox's menu, open "Add-ons and Themes"
{{:de:services:network_services:vpn:eduvpn_3_.png?nolink&600|}}
  * Search for "Firefox Multi-Account Containers"
  * Install the add-on.
{{:de:services:network_services:vpn:eduvpn_4_.png?nolink&600|}}
  * Open the add-on in the menu and see the introduction.
{{:de:services:network_services:vpn:eduvpn_5_.png?nolink&600|}}
  * under "Manage containers " you can provide a nice name, a color and a suitable symbol for a container, e.g. "Student".
{{:de:services:network_services:vpn:eduvpn_6_.png?nolink&400|}}
  * You can now click and hold the "plus" button when opening a browser tab in order to set the container to be used for newly opened web sites.
  * If you want the login page for eduVPN always to open in your "Student" container, open [[https://eduvpn.gwdg.de]] in a new tab **and log in**
  * Click on the symbol for "Always open this page in a container"
{{:de:services:network_services:vpn:eduvpn_12_.png?nolink&400|}}
  * You can either log in again or just leave it for the moment.
  * Now the login for eduVPN will always be opened in this container, and other Academic Cloud accounts in use will no longer encumber you!
  * You can recognize a container by the tab marked in color and the container's name in the search bar.
{{:de:services:network_services:vpn:eduvpn_2_.png?nolink&400|}}