The Secure Sockets Layer Virtual Private Network (SSL VPN) allows authorized users access to private or restricted services on the UC network from off-campus locations. You will need to log into the VPN if you are off-campus and need access to a departmental file server or restricted service, for example.
NOTE: If you are currently on the UC internal network, you will not be permitted to access the VPN while on UC's campus.
- AnyConnect Client. Installing the Cisco AnyConnect Secure Mobility Client eliminates the need to download the application each time a user logs into the SSL VPN Portal. If you have not previously installed the Cisco AnyConnect client, you can authenticate to any of the VPN’s through a web-browser which will attempt to auto-install AnyConnect.
- In this video, we're going to configure SSL VPN with AnyConnect using certificate-based authentication Tagged: Videos, ASA, AnyConnect Newer Post SSL VPN with AnyConnect using Certificate-Based Authentication and AAA/ISE.
If you wish to install the AnyConnect client, please select the appropriate link from the list below to install the VPN AnyConnect client software on your device.
If you download the Windows installer on Windows 10 with Microsoft Edge or Internet Explorer you will need to change the file extension from .man to .msi before you can run the installer.
Cisco AnyConnect Secure Mobility Client is a great all-around VPN client, whether manually used or automated. Software VPN connection to our private network is generally easily configured and managed.Appropriate if you have Cisco Firewall/ Concentrator Head-end.Not quite as useful with Cisco Meraki MX or third-party Head-end.Not as useful if you use a service like Verizon Private Network. Instructions for Connecting to the USNA SSL VPN Bring up your browser and type in and hit enter. Type in your username and password and click on Login. Click on Continue at the user agreement prompt.
Step-by-step installation instructions are available in the IT@UC Knowledge Base article UC VPN Installation and Use Instructions.
Cisco Asa Anyconnect Vpn Configuration
If you are experiencing issues with AnyConnect, please refer to our Troubleshooting guide for UC VPN KB article, or contact our Service Desk.
When installing and using the Cisco AnyConnect SSLVPN (Secure Sockets Layer Virtual Private Network) client problems may occur. This document will help diagnose and solve some potential issues that may be encountered. Use the links below to jump to a topic or scroll down to read all of the topics.
Installing the SSLVPN Client
AnyConnect is a straightforward installation. To install the client, go to https://sslvpn.asu.edu/2fa and log in with your ASURITE credentials.
After you have provided your credentials, the installation will start immediately. On Windows machines, the web installation will first attempt to install the AnyConnect client through ActiveX. If you are using Google Chrome or Mozilla Firefox, this will fail, and prompt you to download the client for your operating system:
(For Mac OSX users, the link will display as Mac OS instead of Windows Desktop)
For some permitted users, specifically faculty or staff members, Cisco AnyConnect can be downloaded through My Apps in My ASU. Click on the My Apps icon on the left-hand side-bar, search in the search bar “Cisco AnyConnect,” select Download App Now and download the installation file respective to your operating system. To see if your operating is supported, view the Supported Operating Systems list for details.
Once you have finished downloading the manual installation, you are now ready to install. After completing the installation, you can now start the Cisco AnyConnect Secure Mobility Client.
Launching the SSLVPN Client
If the web installation completes without failing the automatic session, you will be connected to the VPN. After shutting down your computer, you can always reconnect through the automatic process by going to https://sslvpn.asu.edu/2fa
If you completed the manual installation of the VPN client, you will need to start the VPN from where you installed it on your computer.
The name of it on your computer (and icon) should be:
Once you launch the Cisco AnyConnect Secure Mobility Client, you will be prompted with the following window:
NOTE: Access to the ASU VPN (virtual private network) for faculty and staff is now two-factor enabled for both the Cisco AnyConnect VPN client and the VPN website. See this KB Article for more information.
To connect via the VPN website, the new site address is: https://sslvpn.asu.edu/2fa. If you connect via the Cisco AnyConnect VPN client, you will need to type the new “sslvpn.asu.edu/2fa” address into the field, like below, before clicking on “Connect”.
To use SSLVPN to have a dedicated tunnel for all traffic from you laptop back through the ASU SSLVPN, for example in the special case you are traveling in China, use: “sslvpn.asu.edu/tunnel.”
Students and student resources such as the Library can continue to use the current site address: sslvpn.asu.edu
You will be prompted for your login credentials:
- Username – Enter your ASURITE
- Password – Enter your ASURITE PASSWORD
- Enter the name of an Authentication Factor – Enter name of desired (DUO 2FA code) authentication method, see below for details.
Authentication Factor Options:
The third box is used to enter a second authentication factor.
- Type push into the box to receive a Duo push notification from the Duo app on your smartphone, then click “OK”. After you confirm the Duo push notification on your smartphone, you will be logged into the ASU 2FA VPN.
- Type phone into the box to receive a Duo phone call notification, then click “OK”. When you receive the phone call, just follow the automated instructions and you will be logged into the ASU 2FA VPN.
- Type sms into the box to receive a code via text message, then click “OK”. If you enter sms, a code will be sent to you and the Cisco AnyConnect authentication box will appear again. Re-enter your ASURITE ID, password, and in the third box enter the passcode you received from the Duo sms message to log into the ASU 2FA VPN.
- Enter a Duo Passcode. You can obtain a Duo passcode by starting the Duo app on your smartphone, clicking on the “key” button associated with your Arizona State University Duo account and then typing in the displayed code into the authentication factor field. This option does not require a cell or internet connection. The Duo app generates the code when you push the “key” button in the Duo app (red box in the image below). The second image below shows where you type this Duo passcode into the authentication factor dialog box.
Note that for security reasons, you will see dots when typing in both your ASURITE Password and authentication factor selection (push, phone, sms or Duo passcode) and the actual push, phone, sms or Duo passcode you use to authenticate with.
Duo Generated Passcode Example:
Anyconnect Ssl Vpn License
AnyConnect Sign In screen showing where to type in Duo generated passcode:
Cisco Anyconnect Ssl Vpn Client
NOTE: Please be sure your Cisco AnyConnect VPN client is at least version 4.1 so that you have the best possible connectivity available. Two-factor authentication will not work with older client versions.