Virtual Private Networking

1.0 Purpose

To provide guidelines for Remote Access via PPTP or L2TP Virtual Private Network (VPN) connections to Aberystwyth University's corporate network.

2.0 Scope

These guidelines apply to all members of the University utilizing the VPN service to access the AU network.

3.0 Guidelines

Approved University users may utilize the benefits of the VPN service, which is a "user managed" service. This means that the user is responsible for selecting an Internet Service Provider (ISP), coordinating installation, installing any required software, and paying associated fees.

Additionally,

  • It is the responsibility of users with VPN privileges to ensure that unauthorized users are not allowed access to the AU's internal networks.
  • VPN use is to be controlled using a one-time password authentication.
  • All computers connected to AU's internal networks via VPN must use the most up-to-date anti-virus software and operating system patches.
  • VPN users will be automatically disconnected from the AU nework after thirty minutes of inactivity. The user must then logon again to reconnect to the network. Pings or other artificial network processes aer not to be used to keep the connection open.
  • Users of computers that are not AU-owned must configure the equipment to comply with AU's VPN and Network policies.
  • By using VPN technology with personal equipment, users must understand that their computers are a de facto extension of the AU network, and as such are subject to the same rules and regulations that apply to AU-owned equipment, i.e., their computers must be configured to comply with the University Information Security Policies.

4.0 Definitions

 Term Definition
 PPTP  Point-to-point Tunneling Protocol
 L2TP  Layer 2 Tunneling Protocol