Difference between revisions of "Virtual private network for employees"
| Line 81: | Line 81: | ||
===macOS=== | ===macOS=== | ||
| − | [File:ConnectToServer.png|frame|Fig 2. Here is a sample of the server addresses you may need to connect to.]] | + | [[File:ConnectToServer.png|frame|Fig 2. Here is a sample of the server addresses you may need to connect to.]] |
* In Finder, press and hold the '''<Command>''' key then tap the '''<K>''' key to bring up the "Connect to Server" prompt | * In Finder, press and hold the '''<Command>''' key then tap the '''<K>''' key to bring up the "Connect to Server" prompt | ||
* Connect to one of the network locations listed in Fig 2. | * Connect to one of the network locations listed in Fig 2. | ||
| Line 88: | Line 88: | ||
* Department drive: smb://store.winona.edu/department/ | * Department drive: smb://store.winona.edu/department/ | ||
| − | |||
| − | |||
==Related information== | ==Related information== | ||
Revision as of 19:18, 10 March 2020
|
REVISION IN PROGRESS: This article contains useful information, but is being revised to reflect recent updates. Direct questions to TLT (tlt@winona.edu). |
Winona State University Information Technology Services provides a secure virtual private network for employees working from off-campus locations. To maintain data security, access to some Winona State University online services requires a direct connection to our private campus network. Using our virtual private network (VPN), employees working remotely can emulate this direct, private connection and access these services as if they were on campus.
Is VPN required for telework?
No. Most Winona State University employees do not need a continuous VPN connection for telework. It's only required for certain services with elevated restrictions, and then only for the duration of your transaction. Once that work is complete, you can disconnect VPN and continue working without it. Below are some services that either require or don't require a VPN connection for off-campus access. Contact the Technical Support Center (TechSupport@winona.edu, 507-457-5240, Somsen Hall 207) for a full list and if you have any questions.
Some services that require VPN
- Department network drives (e.g., S drive)
- Printing to a department printer
- Marketplace
Some services that do not require VPN
- Office 365
- D2L Brightspace
- Zoom
Does VPN require multi-factor authentication?
Yes. You will need to verify your credentials using a second step available only to you. Specifically, you will enter a one-time password (a random sequence of digits) generated by an authenticator app installed on your phone, tablet, or laptop. The first step in preparing to use VPN is to install a supported authenticator app.
Setting up VPN
Step 1: Install an authenticator app
Winona State University Information Technology Services supports two authenticator apps for use with VPN:
- Microsoft Authenticator (recommended): Install this app if you prefer using your phone or tablet to verify your VPN credentials.
- Authy: Install this app if you prefer using your WSU laptop to verify your VPN credentials.
Step 2: Add your VPN account to your authenticator app
NOTE: Please use Google Chrome to complete these steps. Mozilla Firefox is known to present errors during this process.
- You must have access to an Authenticator app. This is typically a mobile phone app that can generate six-digit verification codes to allow multi-factor authentication.
- Ensure your computer is connected to the Wazoo wireless network on campus
- If you are on a desktop computer your wired network connection should suffice
- All employees must start by setting up their One-Time Password (OTP) at this link while on campus: https://otp.winona.edu
- Once on that page, enter your StarID in the Username field
- Enter your network password on the next screen
- Click Add OAUTH Token
- Click the radio button next to Online then click Add
- On the next page, scan the QR code with the authenticator app of your choice
- You MUST click 'Done' after you scan your QR code!
- We recommend Microsoft Authenticator or Authy
Step 3: Test the VPN connection
For the next steps you must be connected to an off-campus (home) network or VPN will fail to connect.
If you would like to test your VPN connection while still on-campus, temporarily connect to the EduRoam Wi-Fi network with your StarID@minnstate.edu.
Connect to VPN-Cisco AnyConnect on Windows 10
- Open the Start Menu and type Cisco
- Select 'Cisco AnyConnect Secure Mobility Client' when it appears
- If Cisco AnyConnect does not appear in your start menu, open your internet browser and go to https://ot.winona.edu
- Once Cisco AnyConnect opens, replace tunnel.winona.edu with ot.winona.edu then hit Connect
- You will be prompted to login with your StarID, your six-digit authentication code, and your StarID password
- Select your group from the drop down list. If you do not know your group, just choose grp_employee as shown in the screenshot below.
- Username format is StarID-six digit auth code (ex: pp7998kk-042565). Do not forget the dash between your StarID and the six-digit code from your Microsoft Authenticator or Authy app that you setup to use for VPN.
Connect to VPN- Cisco AnyConnect on macOS
- Click on Spotlight in the upper right corner of your Mac
- Type in "Cisco"
- Select "Cisco AnyConnect Secure Mobility Client" when it appears
- If Cisco AnyConnect does not appear, open your internet browser and go to https://ot.winona.edu
- Once Cisco AnyConnect opens, replace tunnel.winona.edu with ot.winona.edu then hit Connect
- You will be prompted to login with your StarID, your six-digit authentication code, and your StarID password
- Select your group from the drop down list. If you do not know your group, just choose grp_employee as shown in the screenshot below.
- Username format is StarID-six digit auth code (ex: pp7998kk-042565). Do not forget the dash between your StarID and the six-digit code from your Microsoft Authenticator or Authy app that you setup to use for VPN.
How do I access my network storage off-campus?
You will first need to connect to your VPN client Cisco AnyConnect. Next follow steps below:
Windows 10
- Open your Start Menu and click the "Click to Map Network Drives" tile located at the top middle of the screen
- Re-open your Start Menu and click the "File Explorer" tile in the middle of the screen
- Your network storage drives will be located under the "Network locations" heading. You may have to scroll down to find it.
macOS
- In Finder, press and hold the <Command> key then tap the <K> key to bring up the "Connect to Server" prompt
- Connect to one of the network locations listed in Fig 2.
- Just copy/paste one of the addresses below if your list is not pre-populated
- Personal storage: smb://store.winona.edu/users/
- Department drive: smb://store.winona.edu/department/