Configuring Windows XP for VPN

This document assumes that you have an Internet connection already present.

Please follow the instructions below to configure Windows XP to connect to UBC's VPN service.

Creating a New VPN Connection:

1. Select Start ->Settings -> Control Panel

   

2. Select Network and Internet Connections if you cannot see the adapters immediately, you will need to click on Network Connections.
3. Under Network Tasks click Create a new connection.

   

4. The Welcome to the New Connection Wizard screen will open.

   

1. Click Next to access the Network Connection Type dialog box.

   

2. Select the Connect to the network at my workplace radio button.
3. Click Next to continue.

   

4. Select the Virtual Private Network connection radio button.
5. Click Next to continue.

   

6. For Company Name, type: UBC VPN
7. Click Next to continue.

   

8. If you have dial-up or a previous profile, select the Do not dial the initial connection radio button.
9. Click Next to continue.

   

10. For Host name or IP address:
    • If you are associated with the UBC-Vancouver campus, type: vpn.ubc.ca
    • If you are associated with the UBC-Okanagan campus, type: vpn.ok.ubc.ca
11. Click Next to continue.

    

12. In the Completing the New Connection Wizard dialog box, place a tick next to Add a shortcut to this connection to my desktop.
13. Click Finish to continue and the Connection window should be displayed.

    

14. Click the Properties button to configure some importantsecurity settings.

    

15. Click on the Security tab.

    

16. In the Properties dialog box, select Advanced (custom settings) and click the Settings button.

    

17. Under "Data encryption:", ensure that Require encryption (disconnect if server declines) is selected from the drop down menu.
18. Under "Allow these protocols", uncheck Microsoft CHAP (MS-CHAP) and place a checkmark next to Microsoft CHAP Version 2 (MS-CHAP v2) to turn it on.
19. Click OK to save these settings and to exit the "Advanced Security Settings" window.
20. Click on the Advanced tab to continue.

If you have not updated Windows XP to at least Service Pack 2 or higher, the screens below may look a little different. It is highly recommended that you upgrade to Service Pack 2 or above as it addresses many security concerns.

Firewall Set-up Instructions for Windows XP (Service Pack 2)

1. We seriously recommend that you turn on the Internet Connection Firewall.
2. Next to Help protect my computer and network by limiting or preventing access to this computer from the Internet, click the Settings button to continue.

   

3. Ensure that your Windows Firewall is set to On.

   

4. Click on the Advanced tab to modify the firewall settings. 
   

   

5. Select the Settings... button under the ICMP section

   

1. Place a tick next to Allow incoming echo request.
2. Place a tick next to Allow outgoing destination unreachable.
3. Click the OK button to exit the ICMP Settings window.
4. Click the OK button to exit the Windows Firewall Settings window.
5. Click the OK button to exit the VPN Properties window.

   

1. Enter your Campus-Wide Login (CWL) and password and click Connect to establish your VPN connection.
2. A Network Connection icon will appear in the lower right hand corner of the Windows taskbar when the connection has been established.

   

3. To see information about your wireless VPN connection or to disconnect your wireless VPN connection, double click on the UBC VPN icon on your desktop.
   

   

4. Click on the Details tab for more information.

   

5. At this point, all traffic is tunneled back to UBC (and from there, information is unencrypted.)
6. If you are experience problems connecting to UBC VPN using Windows XP's built-in VPN application, you can also try the Nortel IPSec application.