VPN (Virtual Private Network) Access

Introduction

A virtual private network (VPN) allows you to temporarily create or join a private network across an existing public network by creating an encrypted tunnel between two hosts. The encryption protects the data your computer or mobile device transmits and receives over the internet, enabling secure remote access to restricted online resources.

Many public wireless networks (such as those provided by hotels and restaurants) are not encrypted, leaving transmitted data unprotected and vulnerable to electronic surveillance. Even data originating from a secure network (for example, one provided by your employer or school) may be vulnerable if they are being transmitted to another secure network over the public internet. To prevent data from being intercepted (especially confidential financial data, or data protected by federal laws, such as FERPA  and HIPAA data), businesses, government offices, universities, and other institutions use VPN systems to encrypt data transmitted between their secure networks and remote users.

VPN at ISU

At Indiana State University, Office of Information Technology delivers a centrally managed, fault-tolerant SSL VPN service for use. Establishing a VPN connection creates a secure tunnel between your off-campus computer or mobile device and the ISU network, allowing you to access online services and resources that are configured to refuse connections from outside the ISU network (such as ISU Print queues, certain library databases, and most network storage devices). Also, you need an ISU VPN connection to make a remote desktop connection from off-campus.

Note! Whenever you are off-campus and cannot connect to an ISU service, connect to the VPN to check whether that fixes the problem. If you can not reach an application through the VPN this may because of additional security reasons. If you encounter this, please contact the Technology Support Center at 812-237-2910.

Before You Connect

Stop! Your account must be set up to use the Microsoft Office 365 Multi-Factor Authentication (MFA). Please see the Knowledge Base Article on How to Setup and Edit Office 365 Multi-Factor Authentication (MFA) and related articles.
Stop! Staff and Faculty must use an ISU managed and maintained device to perform any official business for the university through the VPN.

Connect to the VPN

For the greatest reliability across the widest range of platforms and network configurations, OIT recommends and supports using the Cisco AnyConnect VPN Client, where available, to connect to ISU's SSL VPN. If you are unable to find the software application then you must install the client on your machine. Please see the "Installing the Cisco AnyConnect Client" section below. The client for the old VPN will work with the new VPN, it will be automatically updated on your first login.

Launch the Cisco AnyConnect Secure Mobility Client Application

  1. In windows the icon will look like the following on the Start screen:

Or if you use the program list the application looks like the following:

If you are unable to find this software application then you must install the client on your machine. Please see the "Installing the Cisco AnyConnect Client" section below.

  1. If you have previously used the AnyConnect VPN client with the old ISUVPN, be sure to point to the new VPN at "vpn.indstate.edu" and click on Connect

 

  1. Enter your credentials in the login pop up window.
  2. Be sure the Group is set to “Indiana State University”.

  1. Click/select "OK" the window will disappear and you should immediately receive a notification from Microsoft MFA.
  • If you are using a TOKEN authentication enter the TOKEN code when prompted.
  1. Once connected use your computer/applications as normal.
  2. If you need access to your shared drive letters you can run the login script by selecting the Run Login Script application from the program list.

  1. When you are finished you can disconnect from the VPN. You can either re-launch the application or simply select the AnyConnect Taskbar ICON   to reopen the application and disconnect. Your connection will automatically be terminated when you logout or shutdown your computer.

Installing the Cisco AnyConnect Client

You will only need to install the client if you don't already have it installed. To install the VPN client you must have Adminstrative rights to the system. If you are not comfortable with installing the software please contact the Technology Support Center at 812-237-2910.

  • For university-managed Windows systems on the ISUAD domain you must install the client through Software Center. 
  1. Enter “Software Center” in the “Type here to search” box at the bottom left of your Windows screen
  2. Select the Software Center App.
  3. Once the App opens, select the Cisco AnyConnect VPN Client.
  4. Select Install.
  5. Follow the instructions in the install wizard for downloading and installing the AnyConnect VPN Client.
  • An alternative is to install the VPN client through a web browser. For the first time installation on Windows, Macintosh and Linux remotely follow the example below. You will need administrator access to install the client using this method. 
  1. Open your web browser to https://vpn.indstate.edu.
  2. Login with your personal ISU Username and passphrase, after you enter your information you will then need to respond to the Microsoft MFA Approval request.

  1. You will get a confirmation window after you login and have confirmed the MFA request. Click "Continue".

 

  1. You will be presented with a screen to install the appropriate version of the Cisco AnyConnect client for your operating system. If you need assistance to install the client click on the “Instructions” button in the bottom right. When ready click the “Download for Windows” (Or your OS listed) button and follow the prompts per the instructions on the page.

Things You Need to Know

  • Your account must be set up to use the Microsoft Office 365 Multi-Factor Authentication (MFA). Please see the Knowledge Base Article on How to Setup and Edit Office 365 Multi-Factor Authentication (MFA) and related articles.
  • ISU's SSL VPN is for off-campus and ISU-SECURE wireless use only; it will not allow you to establish a connection if your device is connected via Ethernet or on ISU-OPEN network.
  • Faculty, Staff, Student Employees, Educational Affiliates and Business Affiliates of the university are authorized to use the VPN service. All other users will be declined.
  • Staff and Faculty must use an ISU managed and maintained device to perform any official business for the university through the VPN.
  • To ensure accountability of network communication, the University Information Policy Office prohibits group accounts from connecting to ISU's SSL VPN. To make a VPN connection, you must log in using your personal ISU username and passphrase.as well as respond to the Microsoft MFA approval request.
  • You can connect a maximum of two devices at a time to ISU's SSL VPN. If you try to connect a third device while you already have a connection running on two other devices, you'll see a prompt asking whether you want to maintain the existing connections and cancel the new connection request, or break one of the existing connections and establish a new connection.
  • When you connect to the all of your traffic will be directed through the VPN. Therefore you will not be able access any home printers or other devices while the connection is established through the VPN.
  • There is a known issue with Microsoft MFA sometimes not instantly sending the notification message or sending the requests multiple times. This is an MFA issue not a VPN issue. Best to just try again or wait for the requests to stop.
  • The VPN only supports the Cisco AnyConnect Secure Mobility Client. 
  • The VPN does NOT support RSA Token login. Additionally you should return your RSA Hard Token to OIT if you have one.
  • The VPN client will auto-update as new versions of the software becomes available. You may be prompted to reboot.
  • The legacy VPN appliance at  ISUVPN will be retired mid to late 2020.

Additional Resources

Contact the Technology Support Center at 812-237-2910 if you need further assistance.

 

Was this helpful?
67% helpful - 6 reviews

Details

Article ID: 98772
Created
Wed 2/19/20 1:43 PM
Modified
Tue 8/3/21 10:37 AM