A Virtual Private Network (VPN) is a service that allows you to connect to the University's network when you are not on campus. Some applications managed by the University are limited to the University's network. To access these applications when you are off campus, you will need to use VPN.
Who Should Use VPN?
You will need to use the VPN if you are off-campus and need access to:
- Active Directory (AD) file shares (P or N drive)
- Restricted UMD Library resources
- Private internal networks within the University
- Private servers and databases used to deliver course content
- Personal /~web/ sites (commonly referred to as "tilde web sites")
You will not need VPN to access web-based UMN resources and services, such as your University email, Google apps (docs, slides, etc.), Canvas, MyU, or Zoom.
For a comprehensive list of applications that require VPN, see VPN Requirements for UMN Applications (University sign-in required)
Session Restrictions
To ensure availability for all users, the following restrictions apply when initiating a new VPN connection:
- Idle Timeout – Sessions automatically disconnect after 60 minutes if no network activity is detected.
- Session Timeout – Sessions automatically disconnect after 7 days of continuous use. Logging out and back in will reset the session timer. A countdown of the remaining session time can be found on the Cisco Secure Client window.
- Automatic Reconnect – Sessions will attempt to resume after the device wakes from a suspended state (sleep mode).
Please log out of the Cisco Secure Client when you are finished using it.
Getting Started
Enroll in Duo Two-Factor Authentication
Duo security will be required for every new login.
Since the Cisco Secure Client does not support the inline Duo Prompt to choose your authentication method, this is handled with the Duo Append Mode. Append Mode by default will send a push notification to your default device, but allows you to choose from our other supported 2FA methods including a passcode, phone call, or push to other devices.
Download the Cisco Secure Client
Users can connect to the VPN through the Cisco Secure Client on all operating systems.
- University-owned Windows devices: Follow the instructions to install via Software Center (does not require elevated rights).
- University-owned macOS devices: Install via your Self Service catalog (does not require elevated rights).
- All others: Download and install the VPN client for your operating system using the table below.
| Operating System | Download / Install |
|---|---|
| Windows | Download Cisco Secure Client for Windows |
| Mac (macOS) | Download and Install Secure Client for Mac |
| Linux | Download Cisco Secure Client for Linux |
| Apple iOS (iPhone, iPad) | iOS Install and Connection Guide |
| Google Android / Chromebook | ChromeOS Install and Connection Guide |
Connect to VPN
A stable internet connection is required to connect to the VPN. Please have your Duo device nearby for authentication.
Open the Cisco Secure Client. If the drop-down list is empty, enter http://tc-vpn-1.vpn.umn.edu/umd and click Connect.
To use the default authentication method, enter your Internet ID (username) and Password, then click Ok. A Duo Security push will automatically be sent to your default Duo device.
- To use any other method for authentication, please consult the table below.
- The format is as follows: [Internet ID Password],[Type] (comma separated, no spaces)
If you have multiple devices registered, you may add a number to the end to dictate which device will be used.
This table outlines the Duo Append Mode choices, shows specific examples, and outlines the intended action. Type Example To… passcode password,123456 Login using a passcode generated in Duo Mobile, by a token, or generated Bypass Codes. push password,push
password,push2
Push a login request to your device of choice. phone password,phone
password,phone3
Authenticate with a phone callback to your phone of choice. - In the table, 'push2' and 'phone3' send a push request to the second phone in your list of registered Duo Devices and a phone call to the third.
You will have 10 seconds to approve the login on your Duo device, after which you will be logged into VPN. With successful authentication, the Cisco Secure Client should display at the top, "Connected to http://tc-vpn-1.vpn.umn.edu/umd".
