IT Helpdesk
Menu

Always on VPN (AoVPN)

These instructions are intended for Windows computers that are centrally administered by the University.

Several methods are available for connecting a computer located outside the University securely to the University. VPN is the most common technology for establishing the connection. These instructions explain how to establish an AoVPN (Always on VPN) connection.

Read more in this Flamma bulletin about AoVPN (1 Dec 2022)

Benefits of AoVPN:

  • Starts automatically when the device is connected to the internet and is not simultaneously connected to a University of Helsinki network (wired network, Eduroam or OpenVPN).
  • Home and group drive directories are automatically available.
  • Single sign-on to university services is available.

Limitations of AoVPN:

  • Only works on Windows laptops.
    • To check whether AoVPN works on your computer, use the Software Center and follow the instructions in the Detailed help tab below.
  • The laptop must be covered by the University’s centralised administration.
  • The user can install AoVPN on a university laptop used at home from the Software Center as long as the device is connected to a University of Helsinki network (OpenVPN) when the service is taken into use.
  • Does not work on shared computers.
  • Some of the network traffic does not go through the University’s network. Only traffic to the University of Helsinki runs through the AoVPN user tunnel. Traffic leaving the University goes directly to the destination, speeding up outgoing connections.
NB! Please continue to use the OpenVPN uh-vpn-allroute connection if you need access to the University Library’s materials or other materials or systems that require all data traffic to pass through a VPN connection.

 

See the Detailed help tab for instructions with pics.

Table of contents

Installation

  • Open the Software Center and search for “aovpn” in the Applications tab. Five applications will be displayed.
    • Install User Tunnel - for installing the AoVPN User Tunnel
    • Install Device Tunnel - for installing the AoVPN Device Tunnel (which may already have been installed automatically)
    • Device Tunnel requirement test - for testing whether the AoVPN Device Tunnel can be installed on your computer
    • User Tunnel requirement test - for testing whether the AoVPN User Tunnel can be installed on your computer
    • Delete Tunnels - if you encounter problems, you can try deleting the tunnels
  • Once the User Tunnel has been installed, you will see Renew user certificate displayed.
The Device Tunnel establishes a secure connection to the University’s server when the computer is online. It enables the implementation of actions related to the laptop’s network connections and administration, even before the user logs in to the computer.
The User Tunnel opens when the user logs in to the computer. It allows university services to be used over a secure VPN connection.

1) First check whether an AoVPN Device Tunnel has been installed on your computer:

  • Click on Install/Reinstall under AoVPN – Device Tunnel requirement test.

The results of a successful test run:

  • Device Tunnel requirement test

    Ensure that EVERY ITEM  receives the value “Passed”.

2) If the test run was successful, you can install the User Tunnel (AoVPN – Install User Tunnel).

  • Click on AoVPN – User Tunnel and select Install.
If the installation is unsuccessful, restart the computer and try again. If you are still unable to complete the installation, wait until the next day: another task may be running in the background. If you still cannot install the tunnel, please contact the IT Helpdesk.

How to use AoVPN

  • Always on VPN starts automatically when an internet connection is available for the device and the device is not connected to a University of Helsinki network.
  • You can also establish the connection yourself. At the bottom of the screen, open wireless connections, find UH User VPN and click on Connect. Check Connect automatically to establish the connection automatically in the future.
  • To check that the connection is working, open the list of network connections in the taskbar at the bottom of the screen.
 

 
How to disconnect

  • Open the network connections menu at the bottom of the screen, select UH User VPN and click on Disconnect.

    Troubleshooting

    Some of the network traffic does not go through the University’s network. In practice, this means that if an external service requires an address in a specific IP space (effectively one starting with 128.214), AoVPN cannot be used for the service (e.g., the library databases).

    • In this case, switch to an OpenVPN connection and select a connection called UH-VPN-ALLROUTE.
    • To check the IP address in use, go to https://www.ipchicken.com/
      In the example below, the computer’s address is in the University’s network.
    • In a home network, IPSec PassThrough must be Enabled for Always on VPN to work. See your operator’s instructions or the modem manual for more information.

    Give feedback

    The instructions site of the University of Helsinki's IT Helpdesk helps you with IT-related issues related to your work. Let us know how we can improve our instructions. We greatly appreciate your feedback!

    How would you improve these instructions?

    Related instructions

    OpenVPN for home computers (Windows 10 & 11)
    Installation of Tunnelblick on Mac (OpenVPN)
    Establishing an OpenVPN connection with iOS devices
    HY-VPN – Checking functionality and errors (Linux)
    Private browser window (so-called Incognito mode)
    Back to top