Skip Menu

Return to Skip Menu

Main Content

AHNR-IT Network FAQ

This section provides answers to frequently asked questions and explanations of network terminology for Virginia Cooperative Extension (VCE), Agricultural Research Experiment Station (AREC) and 4-H Center personnel located in field offices around the state.

  1. What is VPN, how does it affect me, and why do I need it?
    VPN, or Virtual Private Network, is a method for securely transporting data over the internet. Each unit office, AREC and 4-H Center has a network VPN “tunnel” to the Virginia Tech campus to encrypt business data over the unencrypted internet. Without this tunnel, data you send to campus could travel across the internet in a human readable form. The tunnel exists to strengthen the security of our sensitive business data and is therefore a requirement of not only CALS/VCE, but also the university.
  2. I am still having a hard time grasping the concept of VPN. Can you draw a picture of it for me?
    Absolutely. Here is a general diagram of how your network is configured, for the semi-technically minded: VPN Network Diagram.
  3. What do I do if my network is down?
    If you suspect your unit office, AREC or 4-H Center network is down, you should call your district AIT or the Ag Help Desk at (540) 231-4865. Your call will then be properly routed for resolution.
  4. What is the bandwidth at my office?
    You can check your site’s bandwidth and service type at: ISP Information
  5. Do I have a firewall?
    Your network is not behind a firewall per se, but there are security principals in place that prevent erroneous internet traffic from entering your local network. Each computer at your office that runs Windows XP or Vista has a client firewall that is enabled through the Control Panel, but the network itself does not place firewall restrictions on traffic.
  6. Am I on the "campus network"? Why is this important to me?
    VCE has been assigned addressing within the campus address space and these addresses are handed out to all VCE/AREC/4-H Center network users through a method known as Dynamic Host Configuration Protocol (DHCP). The VPN tunnel from your local router to campus is configured to make your computer appear to be a “virtual” part of the campus network, meaning that from a network point of view, your computer appears to be sitting in Blacksburg even though you may physically be sitting somewhere else in the state. Many university services, such as Banner and Exchange only allow connections from “campus” networks. Therefore, if for some reason your VPN tunnel connection to campus goes down or has issues, you will lose connectivity to those services until the tunnel connectivity is restored.
  7. How can I connect to my office computer from home?
    In order to connect to a machine located in your office from an off-campus network (such as your house or a hotel room), you must create and use a “Client VPN” connection. Instructions for obtaining and using a Virginia Tech Client VPN account can be found at:
    Windows XP
    Windows Vista
    Mac OSX 10.2/10.3/10.4
    Mac OSX 10.5/10.6
  8. I want to go to Best Buy and purchase a small desktop switch to allow me to share the single ethernet port in my office with a network printer (or another computer) co-located in my office. Can I do this?
    If you run into this situation, please contact Mark Crawford (markc@vt.edu, 540-231-5294) or Stephanie Collins (collinss@vt.edu, 540-231-1794) before you purchase any network related equipment.
  9. When our network went down, I was asked to verify the cable connections of the router and switch. How do I know what this looks like?
    The network equipment is typically wired together in the following fashion:
       

    Broadband Wiring Broadband (Cable/DSL) Sites

       

    T1 Wiring Example ATM/T1 Sites


  10. What is Extension Wireless Access (EWA)? Do I have it? What are the policies regarding wireless on VCE networks? What do I need to do to get wireless access in my office?
    EWA refers to a wireless network that can be installed at any unit office, AREC or 4-H Center giving laptops and other wireless-capable computers access to the internet through the office’s internet connection maintained by AHNR IT. By default, offices are not EWA capable; this service is available to all offices as an add-on option. The cost for the equipment and subsequent installation to provide the service is the responsibility of the requestor. Wireless networks installed by end users are prohibited by university policy because of security concerns.

    The CALS policy on EWA adopted from university computing policies, including procedures to obtain the service, is available at: Wireless Network Access Policy and Procedures for VCE Unit Offices and ARECs.
  11. What is the cost for EWA at my office?
    Cost for EWA is dependent on many factors, such as the physical layout of the office, proximity of the network equipment to the users, number of anticipated wireless users, etc. The one-time cost can range from as little as $315 up to several thousand dollars. This is why a wireless survey is necessary before EWA can be purchased or installed, to provide an estimate of cost based on physical conditions.
  12. I am a technically savvy person, can I circumvent the EWA cost or procedure by going to Best Buy and purchasing a cheap wireless access point and connecting it to our office network? Why can’t I do this?
    You could purchase such equipment, but it would be a waste of money. The network is configured to allow only secured authenticated wireless access points to connect to the internet. Off-the-shelf, less secure wireless equipment will not function with your network. These security measures are in place to protect you and your data. EWA is the only university compliant solution available for wireless access.
  13. Ok, we purchased the equipment for EWA and it was installed. How do I get connected to the wireless?
    Click here for Instructions for connecting to EWA    .
  14. My office is moving to another location. How do I request that my network be moved as well?
    There is a policy relating to office moves and how this affects your network. Generally speaking, network moves must be requested a minimum of 90 days prior to the needed date in order to allow time for procurement of services. The full policies and procedures relating to network moves can be found at: Network Move Policy.
  15. What are the computing policies of the College of Agriculture and Life Sciences?
    Computing policies for CALS/VCE, adapted from university policies, can be found at:  (URL of the policy, which needs to be adapted and written)

ATM/T1: An ATM/T1 circuit is a business class internet connection provided by Network Virginia (a consortium among Verizon, Virginia Tech and Sprint/Embarq). Typically, this type of internet connection differs from broadband in that the bandwidth is symmetrical (1.544 megabits) and guaranteed, unlike the “best-effort” asymmetrical bandwidth of broadband. This service provides fast resolution to technical issues, but also carries a high price tag for monthly service.


Broadband: Broadband is the term used to describe internet service for the masses. It is generally a cost effective, easy to install, high bandwidth service provided by either a local cable TV provider or the local phone company (DSL). The downside to broadband is that it is not a guaranteed service and that problem resolution can be more time consuming than that of a business-class service such as T1.


Cable: Cable service is broadband internet service provided by cable television companies, brought on site over standard television coaxial cable. This service can co-exist with existing television service on the same line, but in the case of VCE, it is typically installed in a “dry loop” configuration meaning that there is no service provided other than internet. Bandwidth is shared between local cable internet customers, meaning that speeds can vary based on the number of customers transferring data simultaneously.


Campus Network: The campus network is defined by the network IP address space that is assigned to Virginia Tech.


DSL:  A Digital Subscriber Line is the phone company’s broadband internet service, brought on site over copper telephone lines. This service can co-exist with plain old telephone service (POTS) on the same line, and in the case of VCE, is typically installed on an office’s fax line. The bandwidth of DSL is directly dependent on the physical proximity of the office to the telephone company’s DSL facilities. The further away the office, the less bandwidth is available for use.


Demarc:  A demarcation (demarc for short) is the point where the ISP’s service enters the site. In the case of broadband service, the demarc is defined by the location of the DSL or Cable modem. If your site is an ATM/T1 site, the demarc is where the telephone company has installed telephone service on to the premises. In some cases, it is necessary to “extend” the demarc in order to bring the internet cabling to the location of your network equipment, when it does not exist in the same location as the building demarc.


Firewall: A firewall is a set of rules processed against network traffic, typically (but not always) at the point where your office network connects to the internet. These rules allow, deny, route and log network traffic based on characteristics defined by the network administrator.


ISP: An ISP, or Internet Service Provider, is the business entity that provides you with your internet service. Typically, offices receive their internet service from either a broadband company (DSL, Cable) or through Network Virginia (ATM/T1).


Router: Each unit office, AREC and 4-H Center has one router. The router is a piece of network hardware that acts as your security gateway to the internet, controlling how network traffic flows to the outside world. The router is also the endpoint for the VPN tunnel and handles local office IP address assignments. We currently use the following routers, depending on what type of internet service your office has:

   

Typical T1 Site Equiupment Cisco 2800 Series (used at ATM/T1 Sites)

   

Typical Broadband Site Equipment - Cisco 831 with 2950 switch Cisco 831 Router (top) & Cisco 2950 Switch (bottom) (most offices)

   

Cisco 881w Broadband and Router with Wireless Front Cisco 881w Wireless Broadband Router (front)

   

Cisco 881w Broadband Router with Wireless Back Cisco 881w Wireless Broadband Router (back)


Smart Jack:  A smart jack is the piece of telephone company network equipment that terminates a T1 circuit at the building demarc. The smart jack is owned by the phone company and is connected through copper cabling to your office’s router. In a sense, it is the T1 equivalent of a broadband modem.

Switch:  Each unit office, AREC and 4-H Center has at least one switch. Some offices may have more than one switch depending on various physical factors of the office facility. The switch is a piece of network hardware that controls all local network traffic (traffic between computers and printers that does not travel across the internet). We currently use the following switches:

   

Typical Broadband Site Equipment - Cisco 831 with 2950 switch Cisco 831 Router (top) & Cisco 2950 Switch (bottom) (most offices)

   

Cisco 2960 Switch - New deployment Cisco 2960 Switch (all future switch installs, already deployed at a few offices)