VPN

A VPN (Virtual Private Network) is a secure network that allows remote access to the Weizmann Institute’s central network, enabling Institute employee to perform their work securely, directly on the Institute’s network, from home or while traveling.

When accessing the Internet via an ISP other than the Weizmann Institute of Science, you are required to use external VPN software, with connection enabled via your SecurID.

Please note! To obtain a SecurID, your department administrator must first register you via Internal Services, for the RSA Soft Token service.

Installation Instructions 

Installation instruction quick links:

Usage instruction quick links:

 

Windows (via Client)

To connect to the Weizmann internal network using the Full VPN Client ver. 82.50, follow the steps in the guide:

  1. Download the VPN client installation file from this link.
  2. Run the downloaded MSI file.
  3. In the wizard choose Endpoint Security VPN.

  1. In Destination Folder window, proceed with defaults and click Install.
  2. You will be prompted to restart the computer. Save all open documents and click Yes to restart.
  3. After restart, double-click on the yellow lock icon in the taskbar.

  1. In the dialogue window, click Yes to configure a new site, then click Next.

  1. In Server Address or Name enter "svpn.weizmann.ac.il", then click Next.

  1. In Authentication Method dialogue choose SecurID, then click Next.

  1. In SecurID Authentication dialogue choose Pinpad.

  1. Click Next, and then Finish to complete the installation.
  2. In the "Would You Like to Connect dialogue", click Yes.
  3. Enter your Weizmann UserID in Username field, and the 8 digits token in Tokencode field. To get the correct 8 digits Token Code, make sure you insert your PIN Code in “Weizmann Authentication” field of the RSA app.

  1. Click Connect. The green lock icon in the taskbar will show a green dot upon successful connection.

Windows (via IE)

When accessing the Check Point VPN software for the very first time, you are required to perform the following:

  1. Install/update Java software version 8.
  2. Allow pop-ups on the site.
  3. Go to svpn.weizmann.ac.il
  4. Choose Standard Sign In, and enter your Institute user ID and password (from the RSA app).

  1. When asked to install the Check Point Deployment Agent add-on (at the bottom of the browser), double-click Install to initiate installation, then click Next.

  1. Proceed while approving all defaults until a window asking you to authorize the Check Point server appears. Do so by clicking Trust Server.

  1. When the Internet Explorer Security window pops up, asking you to authorize Web content access, enable the check box next to Do not show me the warning for this program again and click Allow.

  1. Upon installation completion, a Windows Security Alert window will appear. Enable the check box next to Private networks, such as my home or work network, and click Allow access.

  1. You will now be presented with Institute network connection settings. To ensure that these settings are correct, verify that the address that appears next to Office Mode IP begins with 132.76 or with 132.77.

 

Windows (via Chrome)

When accessing the Check Point VPN software for the very first time via Chrome, you are required to perform the following:

  1. Install/update Java software version 8.
  2. Go to svpn.weizmann.ac.il on the Chrome browser.
  3. Choose Standard Sign In, and enter your Institute user ID and password (from the RSA app):

  1. Allow pop-up windows in the page that opens:

  1. In the opened window click the link to download the update, and open the msi file downloaded:

  1. Wait until the installation process end, and approve the messages that appear:

  1. At the end, the status will change to "Connected":

 

 

 

Macintosh (via Self Service)

  1. The easiest way to install Checkpoint vpn is via the Weizmann Self Service app.
  2. Launch the application and log in
  3. Search vpn in the search field
  4. Click the install button.
  5. After the instillation finishes, launch the vpn app and continue from step 10 in the client tutorial

 

  1. Macintosh (via client)

    To install the Check Point VPN software on a Macintosh:

    1. You must first check for the operating system version installed on your computer. To do so, select the About This Mac command in the Apple menu, and review the operating system version presented in the window that appears.
    2. The installation is supported for macOS 10.15 and up.
    3. If your computer is running the supported version, download Endpoint Security VPN.
    4. Double-click the relevant installer file (DMG) in your downloads folder to open it, then double-click Endpoint_Security_VPN.pkg in the window that appears.

    1. Click Continue to initiate installation.

    1. Very important: Disable the Firewall option in the installer


    2. Enter your computer user password to authorize the installation.

    1. Upon installation completion, click Close.

    1. The VPN software icon will now appear on the menu bar.

    1. Click the icon and choose the Connect command.

    1. To authorize creation of a new site, click Yes.

    1. To continue installation, click Next.

    1. Enter the IP address svpn.weizmann.ac.il in the Server address or Name field, enable the check box next to​ Display name, enter Weizmann VPN in the field next to this option and click Next.

    1. When presented with a security certificate warning, click Trust and Continue.

    1. When requested to select an authentication method, select SecurID.

    1. In the SecurID Authentication window, select Use PinPad Card and click Next.

    1. Click Finish to complete the process.

    1. When asked if you wish to connect to the VPN, click Yes.

    1. Enter your user ID and the passcode generated by the RSA SecurID mobile app, then click Connect.

    You'll then be presented with a connection progress indication.

    1. You are now connected to the Weizmann Institute network, as reflected by the green indication on the connection icon.

    1. Upon completing your work, be sure to disconnect from the network by clicking Disconnect, and confirm your request to disconnect by clicking Yes. To reconnect, click Connect.

     

    Linux

    To install Check Point VPN software on a Linux computer, perform the following in a terminal window:

    1. Download the installation script via the following command:
      curl -L -o svpn.sh https://www.dropbox.com/scl/fi/uy6sfezmg3ccrsjs8p44f/svpn.sh?rlkey=lz7po2wpt5dxc2w91hi7uszae&dl=1
    2. Run the script as follows:
      sudo bash svpn.sh
    3. To complete installation, add a shortcut for the application by running the source ~/.bashrc command or adding an alias (alias svpn='snx -s svpn.weizmann.ac.il -u ') to your .bashrc/.cshrc/etc.
    4. Run svpn username to connect, or use the full snx command: snx -s svpn.weizmann.ac.il -u username

    * Ubuntu users need to change the packages repository server to an Italian one due to missing 32bit libraries on Israeli repositories. See the link below for instructions:
    https://help.ubuntu.com/community/Repositories/Ubuntu
    * Fedora 31 (and higher) users can no longer install snx due to lack of 32bit libraries.

     

    iOS

    To install the Check Point VPN software on an iOS device:

    1. Look up the Capsule Connect app on the Apple app store via the following link:
      http://is.gd/GNjKMp
    2. You may alternatively locate the app by using your iOS device to scan in the following QR code:

    1. Install the Capsule Connect app by tapping the download/installation icon.

     

    Android

    To install the Check Point VPN software on an Android device:

    1. Look up the Capsule Connect app on the Google Play store (see below).

    1. You may alternatively locate the app by using your Android device to scan in the following QR code:

    1. Install the Capsule Connect app by tapping the Install button.

    1. Tap the Accept button when requested to accept the app's access privileges.


     

    Installing/Upgrading to Java Software Version 8

    You must first verify that required Java software is in fact available on your computer.
    Do so via the Windows Start menu, by accessing Start -> Settings -> Control Panel ->
    Programs and Features -> Java 8 Update 25
    .

    Should this software not exist at the relevant location, or is available in a lower version (such as Java 6 or Java 7), access the site http://www.java.com/en in your browser, and select Free Java Download.

    Following installation of the current software version, restart your computer.

     

    Authorizing Pop-ups

    Authorizing pop-up windows in Internet Explorer:

    1. Click the Internet Options command on the Tools menu, and access the Privacy tab.
    2. Should the check box next to Turn on Pop-up Blocker be enabled, click the Settings button next to this option.
    3. In the window that appears, enter https://svpn.weizmann.ac.il in the Address of website to allow field, click Add and close the window by clicking Close.
    4. Click OK to close the Internet Options window.


    Authorizing pop-up windows in Mozilla Firefox:

    1. Click the Options command in the main menu () and access the Content tab.
    2. Should the check box next to Block pop-up windows be enabled, click Exceptions.
    3. In the window that appears, enter https://svpn.weizmann.ac.il in the Address of website field, click Allow and close the window by clicking Close.
    4. Close the Options window by clicking OK.

    Instructions for Use

    Windows

    1. To log into the VPN network, access the URL https://svpn.weizmann.ac.il in your browser.
    2. The Check Point VPN software is supported in the Internet Explorer , Google Chrome, and Mozilla Firefox browsers.
    3. Enter your Institute user ID and your password, which comprises 4 fixed digits + your 6 SecurID digits.
    4. You are now connected to the Weizmann Institute network. Do not close the browser, so long as you wish to remain connected via VPN.
    5. When you have concluded your work, be sure to disconnect from the Institute’s network by clicking Disconnect.

    Macintosh

    1. Launch the Check Point VPN Client application from the Dock or from your installed applications folder.
    2. Click Connect in the application user interface.
    3. Enter your user ID, PIN and current token code if you have an RSA SecurID card. If you're using the RSA SecurID mobile app, enter your user ID and the passcode generated by the app.
    4. Click Connect.
    5. You can also open https://svpn.weizmann.ac.il on Safari and Chrome.

    Linux

    To log into and disconnect from the VPN network on a Linux computer, perform the following via a terminal window:

    1. Connect to the VPN network via the following command:
      svpn 'your user ID' (for example, svpn user1)
    2. Use the following command to disconnect:
      snx -d

    Notes:

    • You may require root access. Should that be the case, use the sudo sh svpn terminal command to assign it.
    • Replace username with your WIS user ID (in lowercase).
    • RSA physical keyfob users: The password is comprised of your 4 fixed PIN digits + your 6 SecurID digits.
    • RSA mobile phone app users: The password is comprised of your 8 SecurID digits.

    iOS

    1. Open Capsule Connect by tapping the OPEN button right after installing the app, or by tapping the app icon on your iOS device’s relevant home screen.

     

    1. When asked to Enable VPN, tap the Yes button.
    2. Tap the Scan QR Code option under New Connection. If, for any reason, you're unable to scan QR codes, skip to step 4.

    scan in the following QR code:

    Once you've scanned in the appropriate QR code, skip to step 5.

    1. If unable to scan in QR codes, tap the Manual Connection option under New Connection.

    Enter Weizmann VPN in the name field and svpn.weizmann.ac.il in the server address field, as shown below, then tap the Create button.

    When asked to authorize the certificate, tap the Trust button.

    When asked to select an authentication method, tap the RSA SecurID option.

    Tap the PinPad option, then tap < Authentication to return to the authentication method selection screen.

    1. Enter your user ID and the passcode generated by the RSA SecurID mobile app, then tap the Connect button.

    1. You are now connected to the Weizmann Institute network and the Capsule Connect app will display connection statistics (connection duration, your user ID and more). You may tap the Disconnect button to disconnect from the Institute’s network.

    1. You may alternatively tap and swipe the app display to the left, to view additional information, as shown below:

    Android

    1. Open Capsule Connect by tapping the OPEN button right after installing the app, or by tapping the app icon on your Android device’s relevant home screen.

     

     

    1. Tap the camera icon on the screen that appears to create a new connected by scanning a QR code. If, for any reason, you're unable to scan QR codes, skip to step 3.

     

    scan the following QR code:

    Once you've scanned in the appropriate QR code, skip to step 4.

    1. If unable to scan in QR codes, enter Weizmann in the name field and svpn.weizmann.ac.il in the server address field, as shown below, then tap the Create button.

    When asked to select an authentication method, tap the RSA SecurID option.

    You will now be presented with the following two options:

    tap the PinPad option.

     

    1. Enter your user ID and the passcode generated by the app, then tap the Connect button.

    1. You are now connected to the Weizmann Institute network and the Capsule Connect app will display connection statistics (connection duration, your user ID and more). You may tap the Disconnect button to disconnect from the Institute’s network.