The remote access service to UAM allows anyone related to the university to access the UAM's exclusive resources using any type of operative Internet connection.
Administrative and Service Staff
Teaching and Research StaffSubject matterServicio de RedHelp and Support
What is it and what's it for?
Some intranet applications and services are only available to members of the university community (institutional antivirus, access to Library Service databases and magazines, etc.). Access to these resources is only allowed through the university intranet, not from any other part of the Internet (other universities' intranets, access from home through any service provider, etc.)
The remote access service does not provide an Internet connection; it only allows an existing Internet connection to access these restricted resources, subject to authentification, just as if we were in the university's intranet itself. For this, you must install an additional VPN software to the Internet connection.
Since February 2010 the remote access services has been completely updated.
The old client, IPSec, is no longer necessary. Although it is not necessary to uninstall it, we recommend you do so. In Windows, for example, this is done through the Add or delete programmes option on the Control Panel.
The new service has the following advantages:
Automatic installation and configuring through the website of the new Cisco AnyConnect client,
It supports the new Vista and 7 operating systems.
It supports 64-bit operating systems.
SSL protocol instead of IPSec protocol. This improves connection with many Internet providers.
Automatic updates on demand by the service administrator with no intervention by the final user.
Below are much more detailed specifications from the manufacturer, Cisco, on the new AnyConnect client, version 2.4.
The following are listed:
For WebLaunch, use Internet Explorer 6.0+ or Firefox 2.0+, and enable ActiveX or install Sun JRE 1.4+.
*Windows 7 (32-bit and 64-bit) AnyConnect requires a clean install if you upgrade from Windows XP to Windows 7.
If you upgrade from Windows Vista to Windows 7, manually uninstall AnyConnect first, then after the upgrade, reinstall it manually or by establishing a web-based connection to a security appliance configured to install it. Uninstalling before the upgrade and reinstalling AnyConnect afterwards is necessary because the upgrade does not preserve the Cisco AnyConnect Virtual Adapter.
*Windows Vista (32-bit and 64-bit)—SP2 or Vista Service Pack 1 with KB952876.
AnyConnect requires a clean install if you upgrade from Windows XP to Windows Vista.
*Windows XP SP2 and SP3.
*Pentium class processor or greater.
*x64 or x86 processors.
*5 MB hard disk space.
*Microsoft Installer, version 3.1.
AnyConnect supports only standalone installations on Linux.
For AnyConnect 2.4, Cisco gives the following specification:
*Red Hat Enterprise Linux 5 Desktop
We do not validate other Linux distributions. We will consider requests to validate other Linux distributions for which you experience issues, and provide fixes at our discretion.
But for AnyConnect 2.3, Cisco gave these other specifications:
*The following Linux distributions follow the requirements and work with the AnyConnect Client:
*Ubuntu 7 and 8 (32-bit only).
*Red Hat Enterprise Linux 3 or 4. (As of publication, we have not tested AnyConnect with Red Hat Linux 5.
*Fedora Core 4 through 9. To use Fedora 9 with the AnyConnect client, you must first install Sun Microsystems JRE, preferably JRE 6, Update 5 or higher.
*Slackware 11 or 12.1.
*openSuSE 10 or SuSE 10.1.
*x86 instruction set.
*32-bit or biarch 64-bit processor—standalone mode only; web-based install/connect is not supported.
*32 MB RAM.
*20 MB hard disk space.
*glibc users must have glibc 2.3.2 installed. For example libc.so.6 or higher.
*libstdc++ users must have libstdc++ version 3.3.2 (libstdc++.so.5) or higher, but below version 4.
*Firefox 2.0 or later with libnss3.so installed in /usr/local/lib, /usr/local/firefox/lib, or /usr/lib. Firefox must be installed in /usr/lib or /usr/local, or there must be a symbolic link in /usr/lib or /usr/local called firefox that points to the Firefox installation directory.
*libcurl 7.10 or later.
*openssl 0.9.7a or later.
*java 1.5 or later. The default Java package on Fedora is an open-source GNU version, called Iced Tea on Fedora 8. The only version that works for web installation is Sun Java. You must install Sun Java and configure your browser to use that instead of the default package.
*zlib or later.
*gtk 2.0.0, gdk 2.0.0, libpango 1.0.
*iptables 1.2.7a or later.
*tun module supplied with kernel 2.4.21 or 2.6.
AnyConnect supports Mac OS X Version 10.5, 10.6 and 10.6.1 (both 32-bit and 64-bit). It requires 50 MB hard disk space.
The new AnyConnect client activates the proxy option on Internet Explorer, Safari and Chrome during connection.
We recommend using the remote access service with these navigators to be able to access the Library Service databases and electronic magazines
When you disconnect from the service, the proxy configuration of your navigator will return to its usual configuration.
All of this with no need for the final user to intervene.
This question is related to the previous section and the automatic proxy configuration in www browsers to consult Library magazines and databases
The VPN client manufacturer, Cisco, states that the proxy configuration is automatically set and erased in each session, without the intervention of the final user. But we have detected some cases where the proxy configuration of the web browser remains set once we have closed the VPN client.
In this case, the user detects that he is not browsing with the www client. A ping to any other address, an ftp transfer, a telnet or ssh session, or anything other than a www, does work. But the www client does not work.
To solve this problem in IE:
Tools > Internet options > Connections tab > LAN configuration button
In the following window, unmark the "Use a proxy server for LAN" box. Accept, accept, accept.
The new method of connection, through a website, means that the browser or any complement that you may have installed in your computer, permanently saves your username code and password.
In AnyConnect client software the password cannot be saved.
In any case, Information Technologies recommends that you NEVER save your personal password anywhere. Especially if the computer that you are using is not your usual computer or if it is borrowed.
We recommend that you type your password in each session.
1.- Why does the UAM not provide Internet access for its users?.
To do this, the UAM would need to have a supplier for this service.
This would force all users to contract ONLY this supplier. Something that is unfeasible for users who travel to other universities, to another institution with an Internet connection or to another country.
Nor would users be able to take advantage of the Internet access offers that are continuously on the market.
2.- So, recommend me a supplier. The best one.
The quality and service offered by suppliers is very different and there are always new offers. It is difficult to know exactly which is best for each case.
The DGT (Spanish Department of Traffic) does not recommend a car to drive on Spanish roads, any car sold is valid. What would happen if they recommended a specific brand and model?. And when new models are available, would they change their recommendation?. Should the DGT spend time finding out which is the best car or should it ensure that any car can drive on the roads?
1.- Must I connect to the Remote Access Service via VPN each time I go online?
If you are going to consult non-UAM pages or use any other service, do not connect to the Service.
If you are going to consult free access UAM pages or services, do not connect to the Service.
If you are going to access restricted UAM services, connect to the Service.
Read the answers to the following questions for more details.
2.- Must I always connect to the Remote Access Service via VPN to see UAM pages?
Not always, only sometimes. Below we show a few examples.
Must I connect to the Service?
Situation. Examples NO
Most of the www pages and data services offered by UAM. Have free access for all the Internet.
Restricted pages and services that can only be used by UAM members
To access shared folders or printers from your campus computer,
Use the UAM proxy to navigate with your www client.
3.- How can I find out if a UAM resource not included in the previous examples is restricted or not?
Do not connect to the Remote Access Service via VPN.
Try to access the desired resource.
If you can use it, then it is a free access resource.
If a "Denied Access" message appears or a message in Spanish indicating that you are not authorised, it is a restricted resource. You must connect to the Remote Access Service to use this resource.
Address all queries to firstname.lastname@example.org