Synopsis:
How to connect to University online resources from off-campus

Solution:
There are two alternatives for connecting to Princeton University computing resources from off-campus.

Connecting to Library Online Resources: Princeton University Library Remote Access Service
Many licensed databases and other electronic resources of the Princeton Library are only available while on campus or connected to the Princeton network. The Library provides a web interface that allows you to log in to library services even if you are off-campus and using an alternate Internet Service Provider. Use of this service is restricted to members of the University community. To connect to Princeton University Library Remote Access Service, go to: Library EZproxy Service. In case of questions or problems, please send e-mail to Library Support at lsupport@princeton.edu.

Connecting to Princeton Domain Resources using VPN
Alternatively, if you need access to the Princeton Domain for University online resources but are connected to the Internet using an alternate Internet service provider, you can establish a VPN connection using software built into your computer's operating system. A virtual private network (VPN) is a secure network connection that is layered on top of a public network, such as the Internet. VPN is especially useful for Princeton faculty, staff, and students who are off-campus and would like to access restricted campus resources using a commercial Internet service provider.

After authenticating with the VPN server, remote computers function as if they were on campus, and as long as your VPN connection is active all Internet activity from your computer is routed through Princeton servers. Note that VPN is required if you are using Exchange e-mail and calendaring services; although there is an alternate option which is to configure your Outlook software using Outlook Anywhere.

University account holders using University resources should be aware that their activity, including that via the Virtual Private Network (VPN), must comply with U.S., New Jersey and local laws and University Information Technology Policy, regardless of their access point.

Configuring VPN
Instructions are available for setting up the built-in VPN client for the following operating systems. To determine what operating system you are running on your computer, please see Solution 8478.

Configuration Instructions:

• iPhone, iPad, iPod
• Linux
• Mac OS X
• Windows 7
• Windows Vista
• Windows XP
• Windows 2000

---

Troubleshooting VPN Connections

1. If you do not have administrative rights to your computer, you will not be able to set up a VPN connection and it will be grayed out. If you do have admin rights, there may be some other software preventing VPN from being set up correctly (such as a third-party firewall that was installed). As an alternative to the steps provided in the links above, you can also create VPN connections through the IE control panel. With IE running, go to Tools Menu and select Internet Options. Go to the Connections tab and click Add. Then select “Connect to a private network through the Internet” and type vpn.princeton.edu as the host. Name the connection and click Finish.
2. You need to use your Windows domain account to connect to vpn.princeton.edu. When authenticating, it may be necessary to specify the Princeton Windows domain, either separately or as part of the user name (i.e. PRINCETON\NetID). If you have problems, please verify that you have a valid Windows domain account.
3. Firewalls often prevent a VPN connection from being established. Firewall software (such as ZoneAlarm) is sometimes installed on individual computers. A router or switch on a local network may also have firewall functionality. To make a VPN connection from behind a firewall, the firewall needs to be reconfigured to open up TCP port 1723 and IP packet type 47 (or UDP port 47). Network administrators should be able to make this change.
4. Some commercial Internet service providers charge extra for VPN connectivity to networks outside their own; you should contact your ISP to see if you need to purchase an upgraded service package that allows VPN.
5. If your home machine has a computer name that is already in use by an on-campus machine, you may get the error, "No domain controller could be found." This would prevent access to the Windows domain and certain shared resources. If you change the computer name to something unique, the problem will be resolved. There is no list to check and there are no restrictions on how often you may change computer names. Adding a few letters to the computer name is often effective.

---

Troubleshooting VPN Slow Connectivity
After establishing a VPN connection to Princeton, you might experience slow down of network speed. This is because your network traffic is now routed through the Princeton VPN server, and the overhead could be significant if you are connecting far away from Princeton. On Windows, you could use the following steps to route only the Princeton specific traffic through the Princeton VPN server:

1. Double-click on the shortcut for the VPN connection on your desktop.
2. In the window that appears, select Properties.
3. In the window that appears, select the Networking tab, then select Internet Protocol (TCP/IP) and click Properties.
4. In the window that appears, click on Advanced.
5. In the window that appears, select the General tab and uncheck "Use default gateway on remote network". Click OK.
6. Close all previous windows by clicking OK in each.

Related Links

• Broadband: Commercial high-speed Internet access in the Princeton area

---