Installation of Tunnelblick on Mac (OpenVPN)
Tunnelblick can be installed from the Managed Software Center on the University Mac's University menu.
See also Pulse Secure instructions for University Macs.
It is possible to form an encrypted remote connection from your home computer to the servers of the University of Helsinki. A VPN connection is also useful in HUPnet and other unencrypted networks. If you wish to access your home directory (i.e. the Z drive) or group directories (P drive) from your home computer, first act according to these instructions and then open the instructions for the remote use of home and group directory
You can make the VPN connection run on Mac OS X with Pulse Secure or the Tunnelblick connection software. Pulse Secure is also available for iPad and other mobile devices, see instructions here.
- Download and install the latest version of Tunnelblick from the https://tunnelblick.net/
- Extract the dmg-file you just downloaded and copy Tunnelblick.app to the Applications folder.
- Download the latest version of configuration files (HY-VPN.tblk) from Download Centre by clicking Programs > HY-VPN > MacOSX.
- Extract the HY-VPN.tblk.zip by opening it from the Downloads folder.
- Double-click on the HY-VPN.tblk file. Tunnelblick starts. Enter the OS X administrator password.
Select Only Me (VPN settings only installed on the user account which is currently logged in) or, preferably, All Users (all user accounts have access to the VPN connection).
HY-VPN.tblk contains an openvpn.conf file with the university's VPN script and the liteca.crt certificate. Tunnelblick creates a Tunnelblick folder in the Application Support folder where the configuration files are copied. The Only Me option creates a folder in the Library folder of the home folder and an All Users Macintosh HD in the Library folder.
• Open the Applications folder and click on the Tunnelblick icon.
• A tunnel icon appears in the menu row in the top right corner of the screen. Click on the icon and select Connect 'HY-VPN'.
The software will ask for the user name and password you use in the university's services. After you have entered them, the software initiates the connection.
In future, you can form an encrypted connection by repeating the last three stages.
- You may have encountered a new security feature in High Sierra and higher which restricts the loading of kexts (system extensions). Read more from Tunnelblick's site.
- If the connection does not work, click on the tunnel icon and select VPN Details. Select Set nameserver in the Set DNS/WINS menu. If the connection still does not work, try another setting.