by

Anyconnect Setup



  1. Anyconnect Client Configuration
  2. Anyconnect Setup Wizard
Give feedback

Open the unzipped folder labeled anyconnect-win-repack. Right-click on the Install-batch file and select Run as Administrator. A command window will open and show the install of the VPN client as well as the diagnostics and reporting tool. Click Finish, if applicable. Note: If you run without administrative privileges, the command.

Learn about UCSD's expanded virtual private network (VPN) service, which lets you create protected connections to UCSD's network from remote locations.

VPN Use During Temporary Remote Work Directives Spring 2020

In response to the surge in remote workers, IT Services has significantly upgraded the capacity and performance of the VPN service. As such you should feel free to rely on the VPN anytime you are working remotely. When connected to the VPN using the 2-Step Secured - allthruucsd group, all of the traffic to and from your home or remote computer has malware filtered exactly as any on-campus computer does. However, the VPN should not be used when you are not working, such as when a family member is using your personal computer. Note that most academic and student services do not not require you to be logged in to VPN. Faculty and staff are encouraged to use the VPN when working on administrative activities. Find information on VPN setup.

Anyconnect Client Configuration

Continue by clicking the respective link to install the VPN client. Accessing The Cisco AnyConnect VPN. Once installed, open the application by locating it in your folder (All Programs Cisco Cisco AnyConnect Secure Mobility Client) Or search for “Cisco AnyConnect Secure Mobility Client” in the search bar. Download AnyConnect. Double click on the Cisco AnyConnect software icon. (If using Windows 8/8.1, from the Start screen, tap or click the Desktop tile, then tap or click the Libraries icon in the Navigation pane. Tap or click Downloads, then double-click on the Cisco AnyConnect software icon.). VPN AnyConnect (Client-based) VPN AnyConnect is the preferred way to access the Library's resources from off campus. To use VPN AnyConnect, you need to be able to install software on your device. Anyconnect is one of the most popular and Highly secured VPN clients,It is periodically updated to implement new features and mitigate latest vulnerabilities. In order to upgrade the client you can either upload the new PKG file on the ASA or install the standalone packages on end user computer.

These services require VPN:

  • Shared Network Drives
  • Cognos/Tableau
  • Remote Desktop to computers or VMs
  • TN3270 (IFIS/ISIS)
  • Library resources (requires 2-Step Secured - allthruucsd)
  • Staging links to preview CMS websites (requires 2-Step Secured - allthruucsd)
  • Canvas does not require VPN but is recommended if connecting outside the U.S.
  • AccessLink
  • TechWiki
  • Some department-specific applications (iDocs, BAMTRAC, CRIS)


The UCSD VPN creates a virtual private connection over public networks using encryption and other security checks to help protect against computer data transmission interception. It also helps ensure only authorized users can access campus networks. With VPN, network computing traffic between your remote machine (off-campus or wireless) and campus passes over a single, encrypted connection, and your remote machine has a UCSD IP address.

Two-step login is required for VPN connections. Learn more about VPN and two-step login.

Note

Instructions for UC San Diego Health and Health Science VPN users can be found at mcvpn.ucsd.edu.

VPN Services

  • AnyConnect - Cisco software VPN client which offers the maximum capabilities and performance.
  • EasyConnect - web-based VPN portal at https://vpn.ucsd.edu, which allows secure access to many campus services, electronic library resources, and remote desktop computing without requiring the installation of a software client.

Connect to UCSD's VPN using one of these options:

  • VPN AnyConnect client — Download the client for secure access to UCSD services, including Library resources using:
    • Conventional installation:
  • EasyConnect Web interface to access UCSD services (except the Libraries) — Easily and securely access UCSD services without installing the client. Mac OS X users: EasyConnect Web interface should only be used with computers running Mac OS X 10.8 and newer. Older versions of Mac OS X are no longer supported.
    1. Go to https://vpn.ucsd.edu
    2. Enter your Active Directory (AD) username and password.
    3. Select EasyConnect from the Group drop-down menu, and click Sign On.
    4. You now can access campus services by clicking a link from the list, such as:
      • Campus Exchange (Outlook Web Access)
      • Campus Network Status
      • Link Family (FinancialLink, TravelLink, etc.)
      • SysWiki (for campus system administrators)

      You can also access services by typing a URL in the Address field.

  • iPhone/iTouch/iPad 6.0.x and above
    • Set up your iPhone or iPad to access the VPN.

To reset your Active Directory (AD) username or password, go to https://adweb.ucsd.edu/adpass or contact your department's system administrator.

Setup

VPN Pools

Anyconnect Setup
  • The VPN service offers the ability to create department-specific pools, which can be used to control access to departmental resources. Please contact your IT support staff for additional information on accessing or using pools for your department. If you do not have IT support staff, then contact the ITS Service Desk.
  • To access a VPN pool, when logging in to the VPN, enter your username followed by '@' the pool name. For example, to access the ITS pool, enter 'username@ITS'.

For additional technical info on the VPN service, please see the VPN article on the TechWiki.

To ask questions, request a service, or report an issue, contact the ITS Service Desk, (858) 246-4357.
Note: This page has a friendly link that's easy to remember: http://blink.ucsd.edu/go/vpn
Setup
This article refers to the Cisco AnyConnect VPN. If you're looking for information on the Prisma Access VPN Beta that uses the GobalConnect app, see: Prisma Access VPN Landing Page.
If you're not sure which service you're using, see: How do I know if I'm using the Cisco AnyConnect VPN or the Prisma Access VPN?

On this page:

Primer

This guide will assist with the installation of the Cisco AnyConnect VPN client for Windows (Vista, 7, 8.1 and 10).

Anyconnect Setup Wizard

Installation

Anyconnect Setup

You need administrator level account access to install this software. When prompted with Windows UAC (User Access Control) you need to allow to install this software.

  1. Download the VPN installer from MIT's download page, Cisco AnyConnect VPN Client for Windows. Note:MIT certificates required.
  2. Find and double click the downloaded file named 'anyconnect-win-4.5.XXXXXX.exe', where XXXXXX is the sub-version number of the installer.
  3. On the following screen titled 'Welcome to the Cisco AnyConnect Secure Mobility Client Setup Wizard', click Next.
  4. When presented with the software license agreement, click I accept on the slide-down menu and click Next.
  5. Click Install when prompted (Note: the user must be an administrator of the machine to install).
    Note: You may be warned the program comes from an unknown publisher and asked to confirm that you want to allow it to make changes to your computer. Click Yes to continue.
  6. When installer begins installation you will see
  7. Click Finish when prompted to complete installation.

    Connect

  8. Launch Cisco AnyConnect.
  9. Enter the address of the MIT Cisco VPN:
    • Duo (two-factor authentication) required users must use: vpn.mit.edu/duo.
    • Non-Duo (single-factor authentication): vpn.mit.edu
  10. Click Connect.
  11. When prompted, enter your MIT username and password.
  12. For Duo users, in the field labeled 'Second Password' you can enter one of the following options:
    1. push - Duo will send a push notification to your registered cell phone with the Duo Security mobile app installed
    2. push2 - Duo will send a push notification to your _second registered device with the Duo Security mobile app installed_
    3. sms - Duo will send anSMSto your registered cell phone; then enter that as your second password (you will fill out the login info twice with this method, first to get the sms code, then to enter it)
    4. phone - Duo will call your registered cell phone
    5. phone2 - Duo will call your second registered cell phone
    6. The one time code generated by your hardware token or the Duo Security mobile app (the code changes ever 60 seconds)
      In this example, we've entered 'push' in the 'Second Password' field.
      Sometimes methods with lag time, like Call, will time out before allowing you to complete Duo Authentication. SMS and one time codes generated by your hardware token (yubikey) or the Duo Security mobile app are the fastest methods and can help you avoid time-out issues.
      'How to call different devices'
      If you have multiple devices that can use the same method, for instance two mobile phones or two phones that can receive phone calls, you can reference them by different numbers. For instance, to call the top device on your managed devices page (http://duo.mit.edu), you can use 'phone' (for the default) or 'phone1' to call the second phone, you can use 'phone2'.


  13. In this example, you will receive a push notification on your cell phone. Click Approve.
  14. Cisco AnyConnect should now present you with the MIT VPN banner and the VPN connection will complete.

See Also