「SoS VPN Service」の版間の差分

2025年12月3日 (水) 16:41時点における最新版

Information Technology Team > SoS VPN Service

日本語

1 Overview

1.1 Purpose of use

The SoS VPN service provides secure access to your Department/laboratory subnet from external networks. Since it is not desirable for security reasons to directly disclose individual servers and printers to the outside, access to the internal network from the outside is basically denied at the School of Science. By using this service, users can access a file server or printer from a terminal connected to an external network in the same way as if they were directly connected to a network within a department or laboratory.

Access to journals contracted by university using this VPN service is not permitted. Please use the following university-wide services.

EZproxy

1.2 Service type

The School of Science offers a VPN using client software and an L2TP VPN using functions built into the OS. In VPN using client software, department or laboratory managers need no special management of VPN service. L2TP VPN is supported by many OS, so users can use it with relatively simple settings. See the table below for detailed differences.

	VPN using client software	L2TP VPN
Preparation of department or laboratory manager	no	assing dedicated IP addresses for L2TP VPN
host management	by MAC address for VPN interface (same as wired network)	no (no unique MAC address)
Environment	Windows	Windows, Mac, iOS(iPad, iPhone)

2 Eligible Users

Faculty, staff, and students with a UTokyo Account who are authorized by their departmental or laboratory network administrator.

3 Supported Environments

VPN using client software:
- Windows
L2TP VPN connection:
- Windows, macOS, iOS (iPad, iPhone)

4 Usage Procedure

To connect to the School of Science VPN service, you need a **SoS VPN account** and **SoS VPN password**. Check your network information on the following page:

SoS My Network Status (coming soon)

4.1 Notes

Access to the above page requires UTokyo Account authentication. If you cannot access it, confirm your UTokyo Account service registration here:

Using School of Science Services with UTokyo Account

5 L2TP VPN Setup

For detailed setup instructions per device, refer to:

https://ja.softether.org/4-docs/2-howto/L2TP_IPsec_Setup_Guide

5.1 Settings

Server	TBA
Pre-shared key Account Password	See SoS My Network status page above
Authentication	PAP

6 VPN Using Client Software

6.1 Download Client Software

This VPN service uses **SoftEther VPN**. Download and install the client software from:

http://www.softether-download.com/

Select **SoftEther VPN Client** in the component menu and choose your OS. Linux and macOS options are available, but these require command-line usage and manual network configuration. macOS instructions are not included in the official manual.

Manual and setup guide:

https://ja.softether.org/4-docs/1-manual

6.2 Settings

Hostname	TBA
Port	443 (default)
Virtual HUB name	sos (select from list)
Authentication type	Password authentication (select from list)
Username Password	See SoS My Network status page above

@@ 8行目: / 8行目: @@
 == Overview ==
+=== Purpose of use ===
+The SoS VPN service provides secure access to your Department/laboratory subnet from external networks.
+Since it is not desirable for security reasons to directly disclose individual servers and printers to the outside, access to the internal network from the outside is basically denied at the School of Science.
+By using this service, users can access a file server or printer from a terminal connected to an external network in the same way as if they were directly connected to a network within a department or laboratory.
-=== Purpose ===
+<span style="color: red;">Access to journals contracted by university using this VPN service is not permitted. </span> Please use the following university-wide services.
-The School of Science VPN service allows secure connections from external networks to departmental or laboratory networks.
-Directly exposing internal servers or printers to external networks is not recommended for security reasons, so external access to internal networks is generally blocked.
-By using this service, users can access file servers and printers from external networks as if they were directly connected to the departmental or laboratory network.
-<span style="color: red;">Access to university-wide contracted electronic journals via departmental VPN is not permitted.</span>
+* [https://www.lib.u-tokyo.ac.jp/en/library/literacy/user-guide/campus/offcampus/ezproxy EZproxy]
-Please use the following university-wide service instead:
-* [https://www.lib.u-tokyo.ac.jp/ja/library/literacy/user-guide/campus/offcampus/ezproxy EZproxy]
-=== Types of Service ===
+=== Service type ===
-The School of Science VPN service provides:
+The School of Science offers a VPN using client software and an L2TP VPN using functions built into the OS.
-* **VPN connection using client software**
+In VPN using client software, department or laboratory managers need no special management of VPN service.
-* **L2TP VPN connection using OS built-in features**
+L2TP VPN is supported by many OS, so users can use it with relatively simple settings.
+See the table below for detailed differences.
-Client software-based VPN allows administrators to manage connected devices similarly to wired LAN, while L2TP VPN is supported by most operating systems and can be configured easily by users.
-See the table below for details:
 {| class="wikitable"
-! !! VPN using client software !! L2TP VPN connection
+! !! VPN using client software !! L2TP VPN
 |-
-| Preparation by network administrators before use || Not required || Requires IP address allocation for L2TP VPN service
+| Preparation of department or laboratory manager || no || assing dedicated IP addresses for L2TP VPN
 |-
-| Device management method || Managed by VPN MAC address (same as wired LAN) || No per-device management (follow departmental/lab rules)
+| host management || by MAC address for VPN interface (same as wired network) || no (no unique MAC address)
 |-
-| Supported environments || Windows || Windows, macOS, iOS (iPad, iPhone)
+| Environment || Windows || Windows, Mac, iOS(iPad, iPhone)
 |}
@@ 48行目: / 45行目: @@
 To connect to the School of Science VPN service, you need a **SoS VPN account** and **SoS VPN password**.
 Check your network information on the following page:
-* [https://xxx.jp/my/ SoS My Network Status]
+<!-- * [https://xxx.jp/my/ SoS My Network Status] -->
+* SoS My Network Status (coming soon)
 === Notes ===
 Access to the above page requires UTokyo Account authentication.
 If you cannot access it, confirm your UTokyo Account service registration here:
-* [https://xxx.jp/hoge/ SoS Service Application Page (temporary)]
+* [[Using School of Science Services with UTokyo Account]]
 == L2TP VPN Setup ==
@@ 59行目: / 57行目: @@
 * https://ja.softether.org/4-docs/2-howto/L2TP_IPsec_Setup_Guide
-=== Required Settings ===
+=== Settings ===
-* Server: xxx.adm.s.u-tokyo.ac.jp
+{| class="wikitable"
-* Pre-shared key:
+! Server
-* Account: SoS VPN account
+| TBA <!-- xxx.adm.s.u-tokyo.ac.jp -->
-* Password: SoS VPN password
+|-
-* Authentication: PAP
+! Pre-shared key <br /> Account <br /> Password
+| See SoS My Network status page above
+|-
+! Authentication
+| PAP
+|}
 == VPN Using Client Software ==
@@ 79行目: / 82行目: @@
 * https://ja.softether.org/4-docs/1-manual
-=== Required Settings ===
+=== Settings ===
-* Hostname: xxx.adm.s.u-tokyo.ac.jp
+{| class="wikitable"
-* Port: 443 (default)
+! Hostname
-* Virtual HUB name: sos (select from list)
+| TBA <!-- xxx.adm.s.u-tokyo.ac.jp -->
-* Authentication type: Password authentication
+|-
-* Username: SoS VPN account
+! Port
-* Password: SoS VPN password
+| 443 (default)
+|-
+! Virtual HUB name
+| sos (select from list)
+|-
+! Authentication type
+| Password authentication (select from list)
+|-
+! Username <br /> Password
+| See SoS My Network status page above
+|}
 [[Category:Information Technology Team]]