VPN: Virtual Private Network

A Virtual Private Network (VPN) is a service that allows you to connect to the University's network when you are not on campus. Some applications managed by the University are limited to the University's network. To access these applications when you are off campus, you will need to use VPN.

    Who should use VPN?

    You will need to use the VPN if you are off-campus and need access to:

    • Active Directory (AD) file shares (P or N drive)
    • Restricted UMD Library resources
    • Private internal networks within the University
    • Private servers and databases used to deliver course content

    You will not need VPN to access web-based UMN resources and services, such as your University email, Google apps (docs, slides, etc.), Canvas, MyU, or Zoom.

    For a comprehensive list of applications that require VPN, see VPN Requirements for UMN Applications (University sign-in required).

    Session Restrictions

    To ensure availability for all users, the following restrictions apply when initiating a new VPN connection:

    • Idle Timeout - Sessions automatically disconnect after 15 minutes if no network activity is detected.
    • Session Timeout - Sessions automatically disconnect after 7 days of continuous use. Logging out and back in will reset the session timer.A countdown of the remaining session time can be found on the AnyConnect window
    • Automatic Reconnect - Sessions will attempt to resume after the device wakes from a suspended state (sleep mode.

    Please log out of the AnyConnect VPN client when you are finished using it.

    Getting Started

    Enroll in Duo Two-Factor Authentication

    Starting January 5th, Duo security will be required for every new login.

    Since the Cisco AnyConnect application does not support the inline Duo Prompt to choose your authentication method, this is handled with the Duo Append Mode. Append Mode by default will send a push notification to your default device, but allows you to choose from our other supported 2FA methods including a passcode, phone call, or push to other devices.

    Download the AnyConnect Client

    Users can connect to the VPN through the Cisco AnyConnect Secure Mobility Client on all operating systems.

    • iOS (iPhone, iPad, iPod) users:  Follow these iOS instructions to download and install the client.
    • AD computer owners:  Follow these AD software instructions  to install the Cisco client from the Microsoft Software Center (does not require elevated rights).
    • All others:  Download and install the VPN client on your computer using the following steps:
    1. Open a web browser and navigate to https://vpn.d.umn.edu
    2. Sign in with your University Internet ID and password.
      • If you receive an error message, verify that you are entering your University Internet ID only. The full email address will not work.
    3. The VPN server will check your device's operating system and download the updated client package.
      • Depending on your OS and browser type, you may need to select Download for [Windows/macOS/Linux] to initiate the download.
      • If the installation process doesn't begin automatically, navigate to the folder where the package was downloaded and double click it.
      • If you are on a Mac and are having trouble with the automatic installer, please download the standalone installer. (10.8+ users may need to set Gatekeeper to temporarily allow applications downloaded from anywhere to install.) Once installed, you will need to type vpn.d.umn.edu into the "Connect to" or host field.

    Connect to VPN

    A stable internet connection is required to connect to the VPN. Please have your Duo device nearby for authentication.

    1. Open the Cisco AnyConnect Secure Mobility Client. If the drop down list is empty, enter vpn.d.umn.edu and click Connect.
      vpn Cisco AnyConnect Ready to Connect
    2. To use the default authentication method, enter your Internet ID (username) and Password, then click Ok. A Duo Security push will automatically be sent to your default Duo device.
      VPN Cisco AnyConnect client sign-in

      To use any other method for authentication, please consult the table below.
      • The format is as follows:  [Internet ID Password],[Type], i.e. comma separated with no additional spaces.
      • If you have multiple devices registered, you may add a number to the end to dictate which device will be used.
        This table outlines the Duo Append Mode choices, shows specific examples, and outlines the intended action.
         Type Example  To...
        passcode password,123456 Login using a passcode generated in Duo Mobile, by a token, or generated Bypass Codes.



        Push a login request to your device of choice.



        Authenticate with a phone callback to your phone of choice.
      • In the table, ˜push2' and 'phone3', would send a push request to the second phone in your list of registered Duo Devices and a phone call to the third.
    3. You will have 10 seconds to approve the login on your Duo device, after which you will be logged into VPN. With successful authentication, the Cisco AnyConnect application should have a message at the top, "Connected to vpn.d.umn.edu"
      VPN Cisco AnyConnect client Connected

    4. When you are finished with the VPN, simply open the AnyConnect window and click Disconnect