Connecting to the Off-Campus VPN

 

Note: An updated version of this article can be found in Service Hub.

 

When possible it's preferred to use Remote Desktop instead of VPN.  If you have an IT role, VPN should only be used from a UNI managed laptop. Others especially those accessing level 3 data, should be aware that level data cannot be stored on a personal computer. 

Connecting to the VPN allows access to on-campus network resources that are otherwise not available from off-campus. VPN access is provided upon request to faculty and staff.  Access can be requested via Security Request System under Work @UNI tab in myUNIverse portal.  The system is VPN, there are roles for off campus access (External) and on campus access (Internal).  The VPN_External_UNI is most common, others are for access to specific systems. Unless specified otherwise in special circumstances, the VPN will be a split-tunnel, where traffic destined to UNI travels over the VPN but traffic to other destinations (including Google for Gmail, Google Drive, etc.) will travel over your normal internet connection. 

Note: IT may provide different groups or addresses to use in special circumstances. Please substitute those if provided. These instructions will vary slightly depending on your operating system, choice of browser, and the plugins installed on your system. The instructions below provide the steps that will be needed on most systems. You must be connected to a network with access to install the VPN software prior to using it. If you need additional assistance, contact the Service Desk at (319) 273-5555 or visit https://servicehub.uni.edu.

 

It is strongly suggested that VPN be used from a UNI managed computer or other device. If you are using a UNI managed computer or device client services will need to assist with the installation. If you are using the VPN from a non-UNI managed computer or other device, the following instructions are available. 

Windows install instructions for UNI managed devices

Mac install instructions for either UNI or personally owned devices

Windows install instructions for personally own devices

Connection instructions

 

 

Installing the Cisco VPN Client in Windows

We will install Cisco AnyConnect through the program Software Center. Open the Start Menu and find the folder for “Microsoft Endpoint Manager”. Open that colder and click on “Software Center”.

Microsoft Endpoint Manager

Cisco AnyConnect should appear in the list of available programs. Look for the program with this icon and click on it.
If you don’t see Cisco AnyConnect in this list, create an Incident on https://servicehub.uni.edu and request that it be added.

Software Center

Click the blue “Install” button. Cisco AnyConnect will install in a couple minutes.
After Cisco AnyConnect is installed, the button will change to say “Uninstall”.

 


Installing the VPN Client on Mac

  1. Visit https://sslvpn.uni.edu in the browser of your choice (Safari, Firefox, Google Chrome.)
  2. Make sure the “Group” drop down box has “General” selected.
  3. Enter your CatID username and password.

Log-in Window

  1. Click “Login”
  2. If you are enrolled in Duo for multi-factor authentication, the Duo application will appear. Use your desired method to authenticate. If available, “Push” is the recommended action. Those not enrolled in Duo will skip to the next step automatically.

Duo Prompt

  1. If you choose push, the push request will appear on your smart phone. Tap “Approve.”

Duo Approval Screen

  1. If you choose “Call Me,” Duo will call your phone and provide instructions to approve the request.
  2. If you choose “Enter as Passcode,” you may type a Duo passcode from any of the following: the Duo App installed on your smartphone or tablet,the code provided on a hardware token that you have been given, or one of the codes received via SMS from Duo.
  3. Click the “Download for macOS” link to download the VPN software to your computer. The filename will begin with “anyconnect” and will be a disk image (DMG) file.

MacOS AnyConnect Download

  1. Double-click the AnyConnect DMG file downloaded in step 9.
  2. Double-click the “anyconnect-macos*.pkg” file to install the AnyConnect VPN client software.

AnyConnect DMG file

  1. Follow the on-screen prompts to install the Cisco AnyConnect Secure Mobility Client. Approve and/or log into any Administrative prompts that may appear.
  2. When the install is complete, click “Close” in the Cisco AnyConnect Secure Mobility Client setup window.
  3. If desired, you may drag the AnyConnect VPN disk mount on the desktop to the trash to dismount it.


Connecting to the VPN using the Windows Application

  1. Launch the “Cisco AnyConnect Secure Mobility Client” via the start menu.
  2. Enter “sslvpn.uni.edu/<name>” into the box, where name is the name of the VPN you are instructed to use. This typically is "General" for faculty and staff or "Students" for students.

Anyconnect client - Windows

  1. Enter your CatID username and password into the username and password boxes. 

anyconnect login

  1. Select the Duo authentication of choice, we recommend using Duo Push with your smartphone application.

DUO Prompt

  1. Tap “Approve” to approve the authentication.”

Duo Approval

  1. If you choose “Call Me,” Duo will call your phone and provide instructions to approve the request.

  2. If you choose “Enter as Passcode,” you may type a Duo passcode from any of the following: the Duo App installed on your smartphone or tablet or the code provided on a hardware token that you have been given.

  3. The AnyConnect client will connect to the VPN.
  4. If there is a period of inactivity, the VPN will automatically disconnect.
  5. When you wish to disconnect, open the client again and click “Disconnect.”

Anyconnect Disconnect


Connecting to the VPN using the Mac Application

  1. Launch the “Cisco AnyConnect Secure Mobility Client” via Spotlight or by launching it from the Applications folder.
  2. Enter “sslvpn.uni.edu/<name>” into the box, where name is the name of the VPN you are instructed to use. This typically is "General" for faculty and staff or "Students" for students.

AnyConnect Connect

  1. Enter your CatID username and password into the username and password boxes.

AnyConnect Login

  1. Tap “Approve” to approve the authentication.

Duo Approval

  1. If you choose “Call Me,” Duo will call your phone and provide instructions to approve the request.
  2. If you choose “Enter as Passcode,” you may type a Duo passcode from any of the following: the Duo App installed on your smartphone or tablet or the code provided on a hardware token that you have been given.
  3. The AnyConnect client will connect to the VPN.
  4. If there is a period of inactivity, the VPN will automatically disconnect.
  5. When you wish to disconnect, open the client again and click “Disconnect.”

Anyconnect Disconnect

 

Installing the VPN Client on Windows - This requires Administrative Rights on the machine

  1. Visit https://sslvpn.uni.edu in the browser of your choice (Internet Explorer, Firefox, Google Chrome.)
  2. Make sure the “Group” drop down box has “General” selected.
  3. Enter your CatID username and password

Login window

  1. Click “Login”
  2. If you are enrolled in Duo for multi-factor authentication, the Duo application will appear. Use your desired method to authenticate. If available, “Push” is the recommended action. Those not enrolled in Duo will skip to the next step automatically.

Duo Prompt

  1. If you choose push, the push request will appear on your smart phone. Tap “Approve.”

Duo Approval

  1. If you choose “Call Me,” Duo will call your phone and provide instructions to approve the request.
  2. If you choose “Enter as Passcode,” you may type a Duo passcode from any of the following: the Duo App installed on your smartphone or tablet,the code provided on a hardware token that you have been given, or one of the codes received via SMS from Duo.
  3. Click the “Download for Windows” link to download the VPN software to your computer. The filename will begin with “anyconnect.”


Cisco AnyConnect Windows

  1. Run the anyconnect file downloaded in step 9.
  2. Follow the on-screen prompts to install the Cisco AnyConnect Secure Mobility Client. Approve and/or log into any User Account Control prompts that may appear.
  3. When the install is complete, click “Finish” in the Cisco AnyConnect Secure Mobility Client setup window. You may be prompted to restart your computer. Please do so if requested.

 

Installing the VPN Client on Linux - This requires administrative rights

The anyconnect client can be installed or you can use the open-connect-sso python wrapper

https://github.com/vlaci/openconnect-sso. 

 

Connecting to the VPN using the Android Application

  • The Cisco Anyconnect VPN app can be found in the play store.
  • Select Add new VPN Connection
  • Set server address to "sslvpn.uni.edu" 
  • Optionally add a description and select done
  • On main screen enable VPN by moving slider
  • Follow prompts to authenticate.  
  • You will be prompted to select a VPN profile.

 

 

 

 

 

 

Staff

Aaron Howard - Network Architect & Manager, Network & Infrastructure Services
Ryan Dupuy - Network Engineer, Network & Infrastructure Services
Shane Folkerts - Network Engineer, Network & Infrastructure Services
  • ITTC 36
  • (319) 273-5555
  • Service Hub