VPN

Virtual Private Network (VPN) technology allows remote users to access resources that are otherwise only available on campus. A secure connection is established and data traffic is tunneled encrypted through the public internet. The remote computer is assigned an IP address from the Garching MPG campus address range, virtually extending the campus network to the remote user.

MPCDF has been offering a VPN named “General VPN” for all its users, which allowed the access to the MPCDF network from everywhere. For security reasons, this access to the VPN was discontinued on February 1, 2023. From then on, the VPN service is only available to MPCDF and MPQ employees. Users are recommended to employ the VPN of their home institute in order to access the MPG network and to use the MPCDF gateway machines for login or for tunnelling connections to MPCDF service.

VPN Server (Gateway)

vpn.mpcdf.mpg.de

The vpn-gateway is only reachable from outside the Garching MPG campus or via Guest-Networks.

Connection Profile (Group)

The following groups can currently be selected: AllUsers and AllUsers-FullTunnel.

All groups require authentication with a second, one time password (OTP) for increased security and is currently required for users of MPCDF. More information about 2FA and how to set it up for your account is available here.

A split tunnel is set up by default by selecting the group AllUsers. This means that only traffic to the Garching MPG campus (130.183.X.X) is sent through the tunnel, while all other traffic is sent via your local router.

In order to create a full tunnel, with which the entire traffic goes via the Garching MPG campus (130.183.X.X), users can choose the group AllUsers-FullTunnel.

Please note that the users are automatically assigned to their respective groups by the VPN server in the background.

Desktop and Notebook (Windows, Mac OS X, Linux)

To set up the VPN on your computer, just point your browser to
https://vpn.mpcdf.mpg.de

Once logged in, the client for your operating system will be available for download together with futher instructions and screenshots. On the first connection, enter vpn.mpcdf.mpg.de as the server.

Linux Clients

The Cisco AnyConnect client will generally work well under most Linux distributions. After the client has been installed, you should be able to find it in your Applications menu. Alternatively, you can also start it on the command line:

/opt/cisco/anyconnect/bin/vpn connect vpn.mpcdf.mpg.de

Futher documentation for Linux is available here.

The command line tool and open source software OpenConnect is also supported by Cisco for establishing VPN under Linux.

sudo openconnect vpn.mpcdf.mpg.de

The desired profiles can then be selected.

Mobile Devices (Android and iOS)

You can install the Cisco AnyConnect client direcly from the app stores.