Virtual Private Network (VPN)

VPN Home

If you've connected to UVA WiFi on Grounds within the last few months, you likely have one.

If not, follow the instructions to get a digital certificate for VPN.

1. Click on the Start menu and search for Add or Remove Programs.
2. Select Cisco Secure Client, then click Uninstall.

Note: Do not try to run the uninstaller on the disk image unless you are unable to find the uninstaller listed below.

1. Use the Finder to browse to Applications > Cisco.
2. Run the Uninstall Cisco Secure Client app.
3. If you do not have the Uninstall Cisco Secure Client app, you will need to run the version on the disk image.
   
   1. Open the installer disk image and double-click on Uninstall Cisco Secure Client.
   2. You may encounter the following error screen:
       
   3. Click OK.
   4. Go into System Preference > Security & Privacy > General tab. Click the Open Anyway button as shown below.
       
   5. You will then see the following. Click Open. 
      
   6. You can then click Uninstall to uninstall Cisco Secure Client.
      

Instructions

1. Get the Cisco VPN Client Software and run the installer once it downloads.
   
   • If you can't install software on your computer, contact your departmental local support partner (LSP) (mobile-friendly version).
2. You will then see the WinZip Self-Extractor dialogue box and click OK. Note that you may not be prompted to reboot the machine by the installer, but ITS recommends a reboot after the installation completes.
   
3. Accept the defaults to go through the installer.
4. Once installed, open the software by going to the search box at the bottom left-hand corner of the screen and type Cisco Secure Client and click to select.
5. If users need to access local network resources, such as network printers at home, while in full tunnel mode and connected to the More Secure Network VPN or High Security VPN service, they may need to enable the “Allow Local (LAN) access when using VPN” option in the Cisco Secure Client preferences/options (if you do not need LAN access, skip this step):
   
   1. Be sure you've selected the appropriate VPN profile (e.g., High Security VPN) and then click the preferences button.
      
   2. When in the preference screen, click the Allow local (LAN) access when using VPN (if configured) box.
      

Installation

1. Get the Cisco VPN Client Software and install it on your computer.
   
   • If you can't install software on your computer, contact your departmental local support partner (LSP) (mobile-friendly version).
2. Open the new UVA VPN disk image and run “UVA-VPN-Install-5.1.2.42”. You may encounter one or more of the following dialog boxes. Be sure to “Allow” or enable each of the different items.
   
    
   

   Click Open System Settings.

   Once in System Settings, click the slider next to “Cisco Secure Client – AnyConnect VPN Service” and enter your Admin credentials when prompted.
   

   Click Open System Settings. In the “Privacy and Security” section, click “Allow” under “System software from Application “Cisco Secure Client – Socket Filter” was blocked from loading” and enter your Admin credentials.

   
   Click Allow.

   There may also be several prompts about notifications and background tasks. Hover over each and if prompted with an “Options” selector, choose “Allow”, entering your credentials when prompted. Items without this selector can be closed.
   

3. Make sure that you are connected to the Internet.
4. In Finder, open the Cisco folder then click on Cisco Secure Client.app
   
5. If users need to access local network resources, such as network printers at home, while in full tunnel mode and connected to the More Secure Network VPN or High Security VPN service, they may need to enable the “Allow Local (LAN) access when using VPN” option in the Cisco Secure Client preferences/options (if you do not need LAN access, skip this step):
   
   1. Be sure you've selected the appropriate VPN profile (i.e. High Security VPN) and then click the preferences button.
      
   2. When in the preference screen, click the Allow local (LAN) access when using VPN (if configured) box.
      

If you have an iOS device, see iOS connection instructions below.

Connect a Computer to UVA Anywhere

1. If you haven't already, open the Cisco Secure Client.
2. Choose UVA Anywhere from the dropdown list.
   
   If the UVA Anywhere is not listed, enter this URL: https://uva-anywhere-1.itc.virginia.edu
3. Click Connect.

Connect an iOS Device to UVA Anywhere

1. If you haven't already, launch the Cisco Secure Client app.
2. To connect, tap the Off switch to connect to the UVA Anywhere VPN.
   
3. Success! When you have successfully connected, the switch will display On and Connected will show in the Details field.
   
4. Disconnect when finished.

When finished, return to the Cisco Secure Client app and tap the On switch. Wait for the Details field to say Disconnected.

1. Open the Cisco Secure Client.
2. Choose the appropriate profile from the dropdown list.
   
   If the UVA VPN Service you wish to use is not listed, enter the appropriate URL:
   
   • UVA Anywhere: https://uva-anywhere-1.itc.virginia.edu
   • High Security VPN: https://joint-vpn-1.itc.virginia.edu/
   • More Secure Network: https://moresecure-vpn-1.itc.virginia.edu
3. Click Connect.
4. In the Password field (screenshot below), select one of the following methods to authenticate:
   
   • If you have the Duo app on your smartphone: You can either type the word push to send a push notification which you can approve, or type in a passcode generated by the app.
   • If you have a Duo Token: Type in a passcode generated by the Duo Token.
   • If you are unable to use one of the above options, type in a passcode generated by the following steps:
     
     1. Visit the Duo Security tab in the Identity and Access Management (IAM) portal.
     2. Click the Generate Random Codes button at the bottom of the screen.
     3. Go back to the VPN screen (as shown below) and type the first IAM portal bypass code into the VPN password field.
        
        • *Note: You can also save the rest of the bypass codes to use in the future by clicking Print Bypass Codes (you MUST turn off pop-up blockers to view print screen) then clicking Save to save as a PDF.
     Note: The authentication notifications are limited to the options above when using 2-Step Login (Duo) with the UVA More Secure Network or High Security VPN.
     

All traffic and actions on the UVA network are subject to University policies. Regardless of the device, UVA users authorized to use our VPN services and networks have to "accept" usage terms each time they connect. This applies to all of our VPN services (UVA Anywhere, More Secure Network, & High Security VPN). You will see the second "banner" screen when connecting to the network through a VPN service; click "Accept" to proceed with your connection.

In order to prosecute unauthorized users who access our systems, we must provide notice that access to UVA networks is for authorized UVA use only. Otherwise, law enforcement (e.g. FBI) will not hold non-authorized users responsible for malicious activity on our networks.