Protecting on-campus resources with the UAH VPN

Tags vpn advanced

If you operate network-accessible services for UAH constituents, you may wish to restrict these services to users who are connected to the campus VPN.

To implement this restriction within your server or service, simply require your users to connect from within the 10.6.0.0/16 subnet. All UAH VPN users reside in this subnet.

It's also possible, upon request, for OIT Network Engineering to map a certain group in the Campuswide Active Directory to a VPN "profile," which can be used to place users in a certain subnet. For example, if your department's favorite number is 123, OIT can allocate 10.6.123.0/24 to users who belong to the "YourDepartment" group in the Active Directory. Then, you can restrict your server or service to only be reachable from this specific subnet, instead of all VPN users.