Discussion

From ITPWiki

Jump to: navigation, search

Any general questions or discussion can be threaded onto this page.

Getting Past Firewalls

JHU requires external users to operate over a VPN connection. So if you're lab is making a remote connection to JHU, you might have to install this kind of client software.

Paul- what is required for this? Is there a recommended software suite? How will external users log into the VPN? I imagine that the VPN client software creates a virtual network interface, making it transparent an end-user application. No?

-Hawkeye

Hopkins allows students and staff to access the internal Hopkins network by running a VPN client available from Juniper Networks. This is the recommended software on Windows. I am not sure about other platforms. (The standard VPN client available in Ubuntu distributions worked a few months ago, but the servers changed recently.)

The VPN software is indeed transparent from the perspective of the end-user application. The challenge will be getting access for external users. I will look into this.

On a related topic, are there plans for securing our network communication. Leaving open a port that receives commands that drive motors seems unwise. Perhaps Secure Shell could be used to tunnel UDP traffic between master and slave hosts.

-Paul


June 24, 2009

As a follow-up, getting guest account to the Hopkin's network is not practical. Instead we are trying to get a static IP that is visible to the outside world.

Also, I think some authentication like ssh is a necessity, particularly with a connection accessible to anyone.

-Paul


June 26, 2009

Paul-

A static, publicly addressable IP would be the simplest solution!

By keeping the port open only while we're operating we can minimize our exposure to network-scanning and attacks. Alternatively, it would be possible to set up an SSH tunnel, but would complicate things a bit. I think one key to the success of this project will be keeping all the architectures as simple as possible.

+Hawkeye


July 13, 2009

Dear Hawkeye, dear participants,

As I understood, there will be a networking test between some of participants.

We are preparing master computer at KUT with IP 220.68.68.62. In order to open this IP for external connections we should know the IP addresses of computers which will attempt to connect to KUT.

Please, could all the participants provide IP addresses of their master/slave systems?

- Ildar (KUT)


July 20, 2009

Ildar-

 I'm emailing everyone to get their IP address and network requirements.  I'll post the information as it comes in.
 Let's have you connect to the UW later this week- as per your email.

Talk to you soon!

+Hawkeye (UW)

Personal tools