• McMaster
  • McMaster A-Z Index
• Academics
  • Undergraduate Studies/Programs
  • Graduate Studies/Programs
  • Part-Time Studies & Continuing Education
  • Departments & Faculties
• Alumni
  • About the Alumni Association
  • Alumni Events
  • Services & Benefits
  • Programs for Alumni
  • Alumni Networking
  • Keep in Touch
  • Homecoming
  • Alumni Weekend
  • Students & Young Alumni
  • Giving to McMaster
• Discover McMaster
  • About the Campus
  • Fast Facts
  • Governance
  • History of McMaster
  • How to Get to McMaster
  • Policies, Procedures & Guidelines
  • President's Message
  • Provost & Vice-President (Academic)
  • Strategic Plan
  • Teaching and Learning at McMaster
• Future Students
  • Undergraduate
  • Graduate Studies
  • MBA Program
  • Continuing Education
  • Parents
  • Student Services
  • Virtual Tour
• Library
  • About the Libraries
  • Contact Us
  • Course Reserves
  • Library Catalogue
  • Library Services
  • My Account / Book Renewal
• Research
  • Canada Research Chairs
  • Endowed & Industrial Chairs
  • Ethics in Human Research
  • McMaster Innovation Park
  • Office of International Affairs
  • Partnership Opportunities
  • Research Centres & Institutes
  • Research Policies & Procedures
  • Science in the City
• Current Students
  • Student Affairs
  • Student Resources
    • Chaplaincy
    • Human Rights & Equity
    • Information Technology
    • Office of Academic Integrity
    • Ombuds
    • Parking & Transit
    • Registrar
    • Safety & Security
    • Student Financial Aid & Scholarships
    • Student Accounts
  • Student Government
    • Graduate Students
    • Part-time Students
    • McMaster Students Union
  • Campus Life
    • Clubs
    • Events

University Technology Services

• McMaster's Virtual Private Network (VPN) Service
• VPN Home
• When to Use VPN
• Authorization to use VPN
• Recommended Client Software
• VPN Frequently Asked Questions (FAQ)
• UTS Home

Summer, 2009: The existing Cisco VPN concentrator is no longer available and will not be supported in the near future. In its place, Cisco promotes the Adaptive Security Appliance (ASA) device with many new capabilities and a more modern architecture. UTS Enterprise Networks is currently migrating from the existing concentrator to an ASA device.

There is an industry trend toward SSL-based VPN and away from the more complex IPsec protocol, providing access to web applications without requiring client software on the accessing system, and to non-web applications using what Cisco designate their SSL ‘AnyConnect’ client, which is simpler than IPsec clients to distribute and support.

New VPN supports 64-bit machines

The Cisco ASA device will support VPN access from 64-bit client machines using the AnyConnect client, but there is no IPsec client software for 64-bit machines and the old VPN concentrator will never provide 64 bit support.

PPTP Protocol – no longer supported

The Point-to-Point Tunneling Protocol (PPTP) was a method for implementing virtual private networks. PPTP was made obsolete by Layer 2 Tunneling Protocol (L2TP) and IPSec.

Cisco will no longer support PPTP in moving to the ASA device. PPTP has been supported by older Microsoft Windows versions, but with the advent of Vista, PPTP no longer works with our existing VPN Concentrator, and is not included in successor products such as the ASA appliance.

PPTP workarounds

Existing users of PPTP at McMaster (ca. 8% of clients) will need to migrate to a new VPN protocol. PPTP has been used by two groups primarily: Macintosh users & mobile device clients where there wasn’t a suitable IPsec client. With the ASA device there are a number of alternatives for PPTP users to choose between.

• There is a Cisco IPsec client for Macintosh OS X machines
• The SSL VPN may be more convenient for OS X users, either clientless SSL for access to web apps, or the Cisco AnyConnect client for Mac OS X

Library on-line materials accessed via PPTP

A number of those using the PPTP protocol have been doing so in order to access on-line materials licensed by McMaster’s Library but hosted on various publishers’ servers.  It was accidental that the PPTP services allowed this method to work.  Since the PPTP service is obsolete and won’t be provided in future, these users of PPTP must migrate.

The Library supports a system called LibAccess for access to e-Resources which allows access from off-campus locations anywhere to eligible members of the McMaster community (authentication is required).  This method does not require the use of a VPN (and in fact using a VPN at the same time interferes with proper operation of LibAccess). 

Bookmarklet

Add it to your favourite and you can access anything the Library subscribes to without going through the library web page. You will need only to enter your username and password once as long as you stay online.

More information about the bookmarklet is available at:

http://library.mcmaster.ca/lab/libaccess-bookmarklet

Conversion Timeframe

Over the next few months, both the existing obsolete VPN concentrator and the new ASA VPN will operate in parallel to allow clients to move from the old system, starting with the group of PPTP users. Please consult the web page for current information and links to the appropriate software to download.