MUNI Connection from Home (eduVPN)
|
On 1 August 2024, the preferred method of VPN connection from home to the Masaryk University network will change. The new connection will be made through the eduVPN interface, which can be done simply via an app or a newly generated configuration file. Instructions on how to connect both ways can be found below on this page. The VPN connection method you have been using will continue to work until 29 November 2024. |
A VPN (Virtual Private Network) allows employees and students to connect to the university network from anywhere, whether they are at home, abroad or even at another university. Once successfully connected to the VPN, the device behaves as if it were physically connected to the university network.
This gives users access to the university's internal environments, increasing their flexibility. The VPN therefore acts as a secure bridge between users and the university network, providing a secure and encrypted connection that protects sensitive data from unauthorised access
How does VPN work?
The client asks the server to create a tunnel. When the server verifies the user's public key, the client and server create new network interfaces that are connected by a tunnel that is encrypted and through which all data passes.
Thus, along the way, the servers see the communication between the client and server encrypted and are unable to read it. The destination server then decrypts the data and sends it on to the Internet. From the outside, it looks like the client has a computer connected directly to the server.
How does eduVPN and its profiles work?
Connecting with EduVPN is very simple, in the basic configuration you just need to install the official EduVPN app for your platform and log in with your primary password. Instructions for all major platforms are located in the links below on this page.
EduVPN is built on the concept of profiles, which allows precise access control at the network level. Each MUNI member will have a specific set of profiles, which is determined by their faculty and department affiliation. For example, a student of the Faculty of Informatics who is also an employee at the Department of Computer Science will have at least the profiles Student - FI and Employee - ICS, or other, so-called custom (on-demand) profiles for different departments and workgroups.
EduVPN uses two background technologies – Wireguard and OpenVPN. Wireguard is preferred for its better features, lower overhead and better comfort. In addition, Wireguard provides roaming when moving between networks as no connection to the server is established. Wireguard also typically provides higher transfer rates and is slightly easier to configure if manually configured.
Split tunnel
For some profiles, a version of the profile with the SPLIT extension may be available to indicate that it is a split tunnel. A split tunnel only routes data destined to Masaryk University via VPN, this feature is a great advantage for knowledgeable users who have a home/work network split into multiple subnets or need to use multiple VPNs simultaneously.
If your profile does not have a split version available, consider generating your own configuration file following this guide.
Rules for Connecting to eduVPN
By connecting to the VPN, the computer becomes part of the university network. It is therefore necessary to follow the rules for IT and maintain basic computer security.
Custom VPN Profiles
If you need a custom VPN profile to provide access to specific resources, contact your local local IT center. If you do not know which centre you fall under, please submit a request to the university ServiceDesk using the dedicated form.
Sponsored Accounts
Sponsored accounts are created for external collaborators, conference guests or university hotel guests who are unable to use their own personal identification number (UČO). These accounts have a limited time validity and entitle you to use only listed services. For more information on external accounts, please refer to the Sponsored Accounts section of the Groups and Access Management page.
Instructions
The preferred and easiest way to connect to eduVPN is to use the official eduVPN app from GÉANT. It is available for all major platforms (Windows, Linux, macOS, Android, iOS).
Users also have the option to generate their own configuration file and connect to eduVPN through Wireguard or OpenVPN. Further information can be found on the dedicated page and in the guides below.
Learn More
- Frequently Asked Questions
- Common Problems
- Custom VPN Profiles (accessible only for members of the IT community)
Shows instruction for connecting on different operation systems.