Husky OnNet Remote Network Access (VPN)
UW-IT recently announced the availability of a new service for secure remote connections to the UW network, called Husky OnNet. This service is provided at no additional cost to UW students, faculty and staff as part of the Basic Bundle of services covered under the Technology Recharge Fee. To access the service, go to the Husky OnNet UWare page at itconnect.uw.edu/connect/
Why Do I Need Husky OnNet?
Husky OnNet, a client-based ssl-vpn service, provides individuals using MacOS and Windows devices with a secure temporary connection to the UW network from remote locations. Users connecting their device to a third-party ISP (e.g., from home, a conference, a café, at the airport, etc.) can use Husky OnNet to connect to the UW network and access resources not available through the public internet. These resources might include research databases, departmental servers, specialized applications, licensed journals, desktops, printers, etc.
Access to UW Project 172 (p172) Resources
The premise of UW Project 172 is that it is useful to add a new class of campus-wide networks that are analogous to what a typical home LAN user experiences when behind a residential gateway/router. To that end, all UWAA hosts with 'p172' addresses, e.g. '172.25.33.31', are not accessible from off-campus networks, thus limiting the hosts exposure to outside network attacks and exploits. The Husky OnNet virtual private network (VPN) connection provides your client with an on-campus network address, allowing access to 'p172' hosts and other network resources.
Access to On-Campus DHCP Hosts
Virtually all on-campus hosts with dynamically assigned IP addresses have 'p172' addresses and are not accessible from off-campus networks. Knowing the desired on-campus host's IP address, by using the Husky OnNet client, you will be able to access these hosts. For example, when the on-campus host is properly configured, use Microsoft Remote Desktop Connection to connect with a 'p172' Windows host, or use an SSH-enabled terminal or X11 GUI-based application to connect to a 'p172' Linux host. >/p>
Comcast and other ISP's block commonly used network service ports, including Windows SMB/CIFS ports 135-139 and 445, which prevents you from directly accessing Windows share volumes. You can bypass this problem by using Husky OnNet, which encapsulates network traffic, using ports that are not blocked.
Husky OnNet automatically encrypts network traffic before transmission, ensuring en route data security and protecting against man-in-the-middle attacks.
The service is powered by the f5 BIG-IP Access Policy Manager (APM). The MacOs and Windows Husky OnNet clients provided by UW-IT are slightly modified versions of the corresponding f5 BIG-IP Edge Clients.
Husky OnNet and the corresponding UW-IT support for the service is currently limited to two clients: MacOS and Windows. Other clients (e.g., Android) are available from appropriate app stores. While UW-IT is not initially supporting these other applications, users who are able to download, configure and use them are welcome to do so. Please note that there is currently no Linux or IOS (iphone/ipad) client available that will work with UW-IT’s authentication system; UW-IT is actively tracking the vendor’s efforts to support this feature request for future versions of these clients.
Available to all current UW students, faculty and staff.
Husky OnNet is not intended to be used for accessing UW Medicine resources. (UW Medicine supports and manages its own ssl vpn service for access to UW Medicine resources, and users will be directed to UW Medicine for appropriate support.)
Husky OnNet clients for Mac OS and Windows will be available via the Husky OnNet UWare page at: itconnect.uw.edu/connect/uw-
Husky OnNet is made available as part of the Basic Bundle of services associated with the Technology Recharge Fee (TRF). There is no additional cost to use the service.
UW-IT support for download, installation and connection to the UW network via Husky OnNet MacOS and Windows clients is available at firstname.lastname@example.org and 206 -221-5000.