How do I connect to VPN with Enhanced CWL
Follow these instructions to connect to specialized UBCO VPN pools that require an Enhanced CWL.
Requirements:
To use a specialized VPN pool with Enhanced CWL, ensure that:
- The VPN pool you are connecting to is configured to use Enhanced CWL.
- You have previously enrolled at least one device using Enhanced CWL.
Note: The general VPN Pool will bypass Enhanced CWL and these instructions do not apply.
Instructions:
Once a connection for a particular VPN session has been established, you will not be challenged with an authentication request for any other application or service while securely connected (unless you are attempting to access an application that contains confidential or highly secure information).
To connect to a specialized VPN pool with an Enhanced CWL, follow the steps below or watch the video.
- Open the Cisco AnyConnect Security Mobility Client.
Note: myvpn.ok.ubc.ca may also be used. - Enter your username and the VPN pool you wish to connect to along with your password
- The new additional step is to type “@” after your username along with how you want to authenticate.
Duo App Enter username.vpnpool@app (or username@app, depending on which specialized VPN you are using) if you wish to authenticate using your smartphone Phone Call Enter username.vpnpool@phone (or username@phone, depending on which specialized VPN you are using) if you wish to authenticate by a phone call either to a landline (deskphone) or mobile phone Passcode Enter username.vpnpool@****** (or username@******, depending on which specialized VPN you are using) if you wish to authenticate using a passcode generated by a hardware token or a soft token using the Duo app.
Please note: The * indicates the unique code generated for a particular authentication instance. Enter the numbers as they appear on your token after @, not the actual asterisks). - If any information is entered incorrectly or forgotten you will see an error message reminding you of the extra information required to authenticate
- The new additional step is to type “@” after your username along with how you want to authenticate.
- Once entered correctly, an authentication request will be sent to your method of choice
- You will not see a separate message on the AnyConnect client specifying that a response is waiting
- You will know that the authentication has been approved when the AnyConnect dialogue box changes to “Establishing VPN Session”
- Once a connection is established you will be able to proceed as usual
The AnyConnect client will recall the information entered from your previous session.
If you authenticate with Enhanced CWL using the same method for each request, you will simply:
- Open the Cisco AnyConnect Security Mobility Client
- The username and method of authentication will already be populated
- Enter your password and click ‘Okay’
- An authentication request will be sent to the method specified
- You will know that the authentication has been approved when the AnyConnect dialogue box changes to “Establishing VPN Session”