![[UNSW]](../../images/unsw_0.png)
Zammad Access
Zammad Access
Access to Zammad's web interface is restricted to on-campus IP addresses (to reduce the security risk of external attackers). However, UNSW's VPN will not route to CSE's AWS network. Thus Zammad is accessible while on campus, but requires a little nouse to access it off-campus.
Here are four ways to access Zammad off-campus.
- Using CSE's VPN
- Using a SSH tunnel to port forward
- Using a SSH tunnel to create a SOCKS5 proxy
- Using a SSH tunnel to create a SOCKS5 proxy combined with SwitchyOmega to only use the tunnel when required
CSE's VPN
Use of CSE's VPN is documented here https://taggi.cse.unsw.edu.au/FAQ/OpenVPN/.
- Pro: Known technology that works without requiring too much depth of knowledge.
- Con: All your traffic passes over the VPN which may not be what you want.
- Con: This is the major one, if you need to use UNSW's VPN for other reasons you'll end up having to switch between the two VPNs when required which might be tedious at best.
SSH Tunnel Port Forward
One can open a local port using ssh that connects to zammad via a machine on campus. The following command will open port 8443 and ssh to login.cse.unsw.edu.au. Any connections to the local port results in being connected to zammad's HTTPS port via login.cse.unsw.edu.au.
To connect to zammad, open https://localhost:8443/ with your web browser. Note: You'll have to proceed past Chrome's warning regarding an invalid certificate as localhost does not match Zammad's certificate.
- Pro: It connects to zammad with affecting any other web or network traffic.
- Pro: Can be used concurrently with the UNSW VPN if required.
- Con: Requires the ssh tunnel to be created each session.
- Con: Requires ignoring and proceeding past a certificate mismatch. Note: The likelihood of this being exploited is low as traffic between login.cse.unsw.edu.au and your machine is securely handled by ssh. Any exploit would either need to compromise CSE networks or your machine. Both unlikely.