VPN is an acronym for Virtual Private Network. It is a way for people to connect to our guest network securely through the Internet. You can connect your computer to our guest network so that it will appear as though it is a part of our network and you can run your programs off of our data stores (e.g. GeoFrame).

The VPN tunnel into the OpenSpirit Network requires installing Cisco VPN software that enables you to connect to the network. A VPN username and password will also be required to log onto the network, this can be obtained by sending email to support@openspirit.com.

The VPN client software that you will need to install can be downloaded for the supported operating systems.

• Windows Client
• Linux Client
• Solaris Client

After the software is installed, you need to import the OpenSpirit Guest Network Profile File using the following steps:

1. Send an email to support@openspirit.com and ask for the required VPN Profile file.
2. Save the profile file to a you local disk
3. Open the Cisco software VPN client
4. Select the Import button on the VPN client interface
5. Browse to where you saved the profile file and select it
6. Click connect
7. Supply credentials (Username / Password)
8. Connected

The web address that you should be connecting to is:

guest.openspirit.com

Our VPN is using a protocol called IPSec. IPSec VPN port assignments for uses of Encapsulation Security payload (protocol 50) and Authentication Header (protocol 51).
Port 88 for Kerberos authentication in TCP/UDP and port 500 for Internet Security Association and Key Management Protocol in TCP/UDP.

SSL VPN for secure HTTP application uses port 443.
PPTP encapsulates packets using GRE- Generic routing protocol which uses IP port 47.

The IANA list 1723 as the port for VPN.

A common mistake in configuring firewalls for use with PPTP is to open port 1723 and close IP port 47. This allows connections to be established but denies the actual data from passing through the tunnel to the machine. Some software utilities verify if both the ports are open for GRE in PPTP to be used.

L2TP protocol is assigned 115 as its port number.

MPLS-in IP uses port 137

For the systems that use VPN hardware normally port 500, 4500, 10000 & 10001 are used. One for outgoing traffic and the other for incoming traffic.

Suppose you want to run the OpenSpirit satellite on your Windows PC, connected into the OpenSpirit guest network using VPN. This won't work unless you do something about the IP address that is stored in the object references to objects the UserServer hosts, like the UserProfile and Session objects. Note also that applications which receive events do so by exporting an object that is called with event information. Hence, the INT viewers (or any event consumer) will not receive events unless the IP address is fixed.

Each object reference points to an object in another process, potentially running on another machine. It must contain a reference to the host machine in addition to other information that identifies the object it references. The host is identified by an IP address. When you are using VPN or when you have multiple network cards connected to separate networks, your machine has more than one IP address. The one picked up by the OpenSpirit application when it builds the object reference is arbitrary and in the case of VPN, it typically uses the IP address assigned to your machine's network adapter, not the IP address assigned to your VPN connection. The OpenSpirit services will need the object references to use the IP address assigned by the VPN host in order to communicate back to the objects running on your PC.

Now you should have two essential questions:

1. How to find the IP address to use?
2. How to get it passed to the OpenSpirit applications you want to run on your PC?

1. Obtaining the IP address:

You can obtain lots of detailed information using the ipconfig command in a DOS window. In the Start -> Run... dialog, enter the command cmd and click OK. In the DOS window that comes up, enter the command

ipconfig /all

It will show several IP addresses for each "adapter". You want the one labeled "IP Address" for the adapter in the VPN connection.

NOTE: Your PC will likely be assigned to a different IP address each time a new VPN connection is established. You will need to use the ipconfig command to discover the new IP address and update it in any .bat files or environment variable settings that you may have set.

2. Passing the IP address to OpenSpirit applications:

Running the OpenSpirit runtime client:

All you need to do is modify one file in the OpenSpirit installation directory. The file is in %OSP_HOME%/bin/etc, where %OSP_HOME% is the location of the OpenSpirit installation. Usually this is something like "C:Program FilesOpenSpirit". The file is named "ospenv.bat". Look for a section that looks like the following:

REM ORB values
set ORB_OPTS=-Dopenspirit.host=%OSP_HOST%
                      -Dopenspirit.port=%OSP_PORT% %ORB_OPTS%

Add a new line to something like:

REM ORB values
set ORB_OPTS=-DOAIAddr=10.10.11.203
set ORB_OPTS=-Dopenspirit.host=%OSP_HOST% 
                                 -Dopenspirit.port=%OSP_PORT% %ORB_OPTS%

Running OpenSpirit example programs (developers only):

For the OpenSpirit C++ examples you need to pass "-ORBIIOPaddr" as a command line argument to the script. For example, if your script file name is runProducer.bat, it takes the arguments "-session ", and your ip address is 10.10.11.123, then you would start the Producer program with:

runProducer.bat -session mySession -ORBIIOPAddr inet: 10.10.11.123:9000

The "-ORBIIOPaddr" arguments should end up being passed through to the osp_Connection.connect() call.