VPN: Virtual Private Network

A Virtual Private Network (VPN) is a service that allows you to connect to the University's network when you are not on campus. Some applications managed by the University are limited to the University's network. To access these applications when you are off campus, you will need to use VPN.

    Who should use VPN?

    You will need to use the VPN if you are off-campus and need access to:

    • Apps4U and BYOD
    • Active Directory (AD) file shares (P or N drive)
    • Restricted UMD Library resources
    • Private internal networks within the University
    • Private servers and databases used to deliver course content

    You will not need VPN to access web-based UMN resources and services, such as your University email, Google apps (docs, slides, etc.), Canvas, MyU, or Zoom.

    For a comprehensive list of applications that require VPN, see VPN Requirements for UMN Applications (University sign-in required)

    Session Restrictions

    To ensure availability for all users, the following restrictions apply when initiating a new VPN connection:

    • Idle Timeout - Sessions automatically disconnect after 60 minutes if no network activity is detected.
    • Session Timeout - Sessions automatically disconnect after 7 days of continuous use. Logging out and back in will reset the session timer.A countdown of the remaining session time can be found on the AnyConnect window
    • Automatic Reconnect - Sessions will attempt to resume after the device wakes from a suspended state (sleep mode.

    Please log out of the AnyConnect VPN client when you are finished using it.


    Getting Started

    Enroll in Duo Two-Factor Authentication

    Starting January 5th, Duo security will be required for every new login.

    Since the Cisco AnyConnect application does not support the inline Duo Prompt to choose your authentication method, this is handled with the Duo Append Mode. Append Mode by default will send a push notification to your default device, but allows you to choose from our other supported 2FA methods including a passcode, phone call, or push to other devices.

    Download the AnyConnect Client

    Users can connect to the VPN through the Cisco AnyConnect Secure Mobility Client on all operating systems.

    • iOS (iPhone, iPad, iPod) users:  Follow these iOS instructions to download and install the client.
    • AD computer owners:  Follow these AD software instructions  to install the Cisco client from the Microsoft Software Center (does not require elevated rights).
    • All others:  Download and install the VPN client for your operating system in the tables below.

    Windows Operating Systems

    This table outlines the processor requirements, version number, and a download link for the AnyConnect VPN client on Windows.
    Client Versions Download
    AnyConnect for Windows

    This client supports 32-bit and 64-bit processors.

    4.9.04043 Download

    Macintosh Operating System (macOS)

    This table outlines the processor requirements, version number, and a download link for the AnyConnect VPN client on Mac.
    Client Versions Download
    AnyConnect for macOS X

    This client supports 32-bit and 64-bit processors.

    4.9.04043 Download

    Linux Operating System

    This table outlines the processor requirements, version number, and a download link for the AnyConnect VPN client on Linux.
    Client Versions Download
    AnyConnect for Linux 64-bit

    This client supports 64-bit processors.                  

    4.9.04043 Download

    Connect to VPN

    A stable internet connection is required to connect to the VPN. Please have your Duo device nearby for authentication.

    1. Open the Cisco AnyConnect Secure Mobility Client. If the drop down list is empty, enter vpn.d.umn.edu and click Connect.
      vpn Cisco AnyConnect Ready to Connect
    2. To use the default authentication method, enter your Internet ID (username) and Password, then click Ok. A Duo Security push will automatically be sent to your default Duo device.
      VPN Cisco AnyConnect client sign-in

      To use any other method for authentication, please consult the table below.
      • The format is as follows:  [Internet ID Password],[Type] (i.e. comma separated with no additional spaces.)
      • If you have multiple devices registered, you may add a number to the end to dictate which device will be used.
         
        This table outlines the Duo Append Mode choices, shows specific examples, and outlines the intended action.
         Type Example  To...
        passcode password,123456 Login using a passcode generated in Duo Mobile, by a token, or generated Bypass Codes.
        push

        password,push

        password,push2

        Push a login request to your device of choice.
        phone

        password,phone

        pasword,phone3

        Authenticate with a phone callback to your phone of choice.

         

      • In the table, 'push2' and 'phone3', would send a push request to the second phone in your list of registered Duo Devices and a phone call to the third.
    3. You will have 10 seconds to approve the login on your Duo device, after which you will be logged into VPN. With successful authentication, the Cisco AnyConnect application should have a message at the top, "Connected to vpn.d.umn.edu"
      VPN Cisco AnyConnect client Connected

       
    4. When you are finished with the VPN, simply open the AnyConnect window and click Disconnect