VPN: Virtual Private Network

A Virtual Private Network (VPN) is a service that allows you to connect to the University's network when you are not on campus. Some applications managed by the University are limited to the University's network. To access these applications when you are off campus, you will need to use VPN.

Who Should Use VPN?

You will need to use the VPN if you are off-campus and need access to:

  • Active Directory (AD) file shares (P or N drive)
  • Restricted UMD Library resources
  • Private internal networks within the University
  • Private servers and databases used to deliver course content
  • Personal /~web/ sites (commonly referred to a "tilde web sites")

You will not need VPN to access web-based UMN resources and services, such as your University email, Google apps (docs, slides, etc.), Canvas, MyU, or Zoom.

For a comprehensive list of applications that require VPN, see VPN Requirements for UMN Applications (University sign-in required)

Session Restrictions

To ensure availability for all users, the following restrictions apply when initiating a new VPN connection:

  • Idle Timeout - Sessions automatically disconnect after 60 minutes if no network activity is detected.
  • Session Timeout - Sessions automatically disconnect after 7 days of continuous use. Logging out and back in will reset the session timer.A countdown of the remaining session time can be found on the AnyConnect window
  • Automatic Reconnect - Sessions will attempt to resume after the device wakes from a suspended state (sleep mode).

Please log out of the AnyConnect VPN client when you are finished using it.


Getting Started

Enroll in Duo Two-Factor Authentication

Duo security will be required for every new login.

Since the Cisco AnyConnect application does not support the inline Duo Prompt to choose your authentication method, this is handled with the Duo Append Mode. Append Mode by default will send a push notification to your default device, but allows you to choose from our other supported 2FA methods including a passcode, phone call, or push to other devices.

Download the AnyConnect Client

Users can connect to the VPN through the Cisco AnyConnect Secure Mobility Client on all operating systems.

  • iOS (iPhone, iPad, iPod) users: Follow the iOS instructions to download and install the client.
  • AD computer owners: Follow the AD software instructions to install the Cisco client from the Microsoft Software Center (does not require elevated rights).
  • All others: Download and install the VPN client for your operating system in the tables below.

Windows Operating Systems

This table outlines the processor requirements, version number, and a download link for the AnyConnect VPN client on Windows.
ClientVersionDownload

AnyConnect for Windows 

This client supports 32-bit and 64-bit processors.

5.0.05040Download AnyConnect for Windows

Macintosh Operating System (macOS)

This table outlines the processor requirements, version number, and a download link for the AnyConnect VPN client on Mac.
ClientVersionsDownload

AnyConnect for macOS X 

This client supports 32-bit and 64-bit processors.

5.0.05040Download AnyConnect for macOS X

Linux Operating System

This table outlines the processor requirements, version number, and a download link for the AnyConnect VPN client on Linux.
ClientVersionDownload

AnyConnect for Linux 64-bit 

This client supports 64-bit processors.

5.0.05040Download AnyConnect for Linux 64-bit

Connect to VPN

A stable internet connection is required to connect to the VPN. Please have your Duo device nearby for authentication.

  1. Open the Cisco AnyConnect Secure Mobility Client. If the drop down list is empty, enter vpn.d.umn.edu and click Connect.
Screenshot: VPN: Cisco AnyConnect client. 'Ready to Connect' with 'vpn.d.umn.edu' entered.'
  1. To use the default authentication method, enter your Internet ID (username) and Password, then click Ok. A Duo Security push will automatically be sent to your default Duo device. 
Screenshot: VPN Cisco AnyConnect client sign-in.
  1. To use any other method for authentication, please consult the table below.
    • The format is as follows: [Internet ID Password],[Type] (i.e. comma separated with no additional spaces.)
    • If you have multiple devices registered, you may add a number to the end to dictate which device will be used.

      This table outlines the Duo Append Mode choices, shows specific examples, and outlines the intended action.
      TypeExampleTo…
      passcodepassword,123456Login using a passcode generated in Duo Mobile, by a token, or generated Bypass Codes.
      push

      password,push

      password,push2

      Push a login request to your device of choice.
      phone

      password,phone

      password,phone3

      Authenticate with a phone callback to your phone of choice.
    • In the table, 'push2' and 'phone3', would send a push request to the second phone in your list of registered Duo Devices and a phone call to the third.
  2. You will have 10 seconds to approve the login on your Duo device, after which you will be logged into VPN. With successful authentication, the Cisco AnyConnect application should have a message at the top, "Connected to vpn.d.umn.edu" .
Screenshot: VPN Cisco AnyConnect client. 'Connected to vpn.d.umn.edu'.
  1. When you are finished with the VPN, simply open the AnyConnect window and click Disconnect.