LISTSERV 16.5 - CODE4LIB Archives

We have VPN and Proxy(III WAM) available here although for our online 
resources VPN doesn't get you anything special you still go through proxy.  
The regular URLs and Proxy URLs are in a PostgreSQL database and the page with 
the links to online resources is dynamically fed based on your IP (HTTP 
variable HTTP_X_FORWARDED_FOR).  Apache forwards all requests to Zope server 
so that's why I'm not checking REMOTE_ADDR variable.  If your IP is not in our 
domain, that is if the first two octets don't match, then you get a proxy link 
which goes to our III authentication page.  Online resources that are free get 
the same URL for on campus and off campus not a PROXY link.

  I use a simple python script to check the http variable 
'HTTP_X_FORWARDED_FOR' and return 0 or 1 in the variable 'hostname' to a Zope 
(python based WEB server)  page. A simple IF conditional statement determines 
which URL to display based on the return value of the script.

# call the python script ip_add_flag and set the return value to the variable 
hostname
<dtml-call "REQUEST.set('hostname',ip_add_flag())">

<dtml-if hostname>
   <A href="http://<dtml-var vdb_local_url>"><dtml-var vdb_title></a>
<dtml-else>
    <A href="http://<dtml-var vdb_proxy_url>" target="new"><dtml-var 
vdb_title></a> <font size=-2>(opens in a new window)</font>
</dtml-if>

The campus offers a VPN service but you don't get the usual campus domain IP so 
we handle it the same as if it is any other off campus IP, our vendors are not 
given this range either so it is not in the group of IPs for licensing certain 
databases.

As far as user complaints, we have a form that a small group of people here 
receive those submissions and they put it into TRAC and individually work 
through the issues.

Don't know the ratio of Proxy:VPN users, I don't have a definitive range of VPN 
IPs  to work with.  The campus VPN is used to be able to access certain 
servers that are not normally accessible off campus because the vlan they are 
in.

Thomas  




On Monday 25 October 2010 09:33:55 Tim McGeary wrote:
> Hi all,
> 
> I realize that some of you may not directly deal with this issue, but I
> was wondering if I could get some quick replies about how your
> institutions are handling access to off-campus resources via VPN and Proxy.
> 
> Do you offer a VPN service?  If so, do you split-tunnel the traffic so
> that the VPN only handles traffic to inside your campus IP?  If you
> split-tunnel, do users complain about not being able to connect to
> external library resources (databases, journals, etc)?
> 
> Do you offer a Proxy service?  Will your proxy service work for users
> already connected to VPN?
> 
> Do you know an estimated ratio of Proxy:VPN users?
> 
> Thanks,
> Tim
> 

-- 
==========================================
Thomas McMillan Grant Bennett           Appalachian State University
Operations & Systems Analyst            P O Box 32026
University Library                                Boone, North Carolina 28608
(828) 262 6587

Library Systems Help Desk: https://www.library.appstate.edu/help/
==========================================