SSL VPN
SSL VPN is only allowed for privileged remote access to internal systems. At present this is limited to just the IT Services team. If you need access to an internal system when working remotely, please raise a ticket via the helpdesk and the team will evaluate the best way of getting you connected.
SSL VPN creates a secure tunnel between an external computer and the School's firewall. Once connected, you can use remote desktop to connect to approved computers only. In some cases you may be allowed to directly connect to specific internal web resources as well.
The SSL VPN will only tunnel connections to your Privileged Access Workstation (PAW); all local and internet traffic will not use the VPN.
Configure 2FA with the Firewall
Step 1 - Navigate to https://firewall.badmintonschool.co.uk
Step 2 - Login with your normal user account
Step 3 - You will be prompted to set up your MFA token
Step 4 - Using your 2FA app of choice on your phone, scan the QR code to add the token. We suggest Microsoft Authenticator, Google Authenticator or LastPass.
Step 5 - Confirm the 2FA code to complete the process
Preparing your personal PC or work laptop
Step 1 - Open the Microsoft Store and download SonicWALL Mobile Connect
Step 2 - Open Windows Settings and navigate to VPN Settings
Step 3 - Click Add VPN and enter the following settings:
- VPN Provider: SonicWall Mobile Connect
- Connection name: Badminton School
- Server name or address: https://vpn.badmintonschool.co.uk:4433
Connecting to the VPN
Step 1 - Click on the Wi-Fi/sound taskbar icons and click on the VPN icon.
Step 2 - Click on Badminton School and click Connect
Step 3 - Enter your username and password (no domain needed)
Step 4 - Enter the code from your 2FA app
Step 5 - The VPN should now be connected
Step 6 - To disconnect, click on the VPN connection and choose Disconnect.
Remote Desktop to your Privileged Access Workstation (PAW)
You can now connect to your PAW using a compatible remote desktop client (RDP, Remote Desktop Connection Manager). Access to other internal resources is not available via the VPN; you must connect to your PAW first and then perform your admin tasks from there.
Your PAW must be on an IP reservation and added to the allowed list of targets on the VPN, otherwise it will not be accessible.
Step 1 - Open remote desktop connection
Step 2 - Enter the IP address of your PAW. It is a good idea to note this down somewhere useful, as you cannot use the computer name: while connected, your computer uses your local DNS, not the School's DNS.
Step 3 - When connecting, enter your username and password. Your username must include the domain name, e.g. badminton-edu.local\username, and you cannot use PIN or Face unlock with remote desktop.
Step 4 - If prompted, accept the certificate error (as you are using the IP address, not the hostname) and tick the "don't ask me again" box.
Remember to disconnect the Remote Desktop session and VPN connection when you have finished working.
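To check, while the VPN is connected, that only PAW traffic is tunnelled and that the PAW answers on RDP, the following PowerShell can be run on the remote computer. It is an added example, not part of the original instructions. It assumes the connection name from the setup steps, the default RDP port 3389, and that the VPN adapter's interface alias matches the connection name; the PAW address shown is a placeholder.

```powershell
# Added example: post-connect check for the split-tunnel VPN described above.
$VpnName = 'Badminton School'   # connection name from the setup steps
$PawIp   = '192.0.2.10'         # placeholder (TEST-NET-1); use your PAW's reserved IP
$RdpPort = 3389                 # assumption: RDP is on its default port

# 1. The VPN profile must exist and be connected.
$vpn = Get-VpnConnection -Name $VpnName -ErrorAction Stop
if ($vpn.ConnectionStatus -ne 'Connected') {
    Write-Warning "VPN '$VpnName' is $($vpn.ConnectionStatus); connect first."
    return
}

# 2. Split tunnel: the VPN adapter should NOT carry a default route.
#    Assumption: the adapter's interface alias equals the connection name.
$vpnRoutes = Get-NetRoute -InterfaceAlias $VpnName -AddressFamily IPv4 `
                 -ErrorAction SilentlyContinue
$defaultOnVpn = @($vpnRoutes |
    Where-Object { $_.DestinationPrefix -eq '0.0.0.0/0' }).Count -gt 0

# 3. The PAW should be reachable on RDP, and the reply should arrive over
#    the VPN adapter rather than the local network adapter.
$rdp = Test-NetConnection -ComputerName $PawIp -Port $RdpPort `
           -WarningAction SilentlyContinue

$result = [pscustomobject]@{
    VpnStatus         = $vpn.ConnectionStatus
    DefaultRouteOnVpn = $defaultOnVpn            # expected: False
    PawRdpReachable   = $rdp.TcpTestSucceeded    # expected: True
    PawViaInterface   = $rdp.InterfaceAlias      # expected: the VPN adapter
}
$result | Format-List

if ($defaultOnVpn) {
    Write-Warning 'All traffic is using the VPN; split tunnelling is not in effect.'
}
if (-not $rdp.TcpTestSucceeded) {
    Write-Warning "PAW $PawIp not reachable on port $RdpPort. Check the IP reservation and the VPN allowed list."
}
elseif ($rdp.InterfaceAlias -ne $VpnName) {
    Write-Warning "PAW traffic left via '$($rdp.InterfaceAlias)', not the VPN adapter."
}
```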