This article requires that you have already set up an SSL VPN Remote Access tunnel on your Sophos Firewall. How to configure SSL VPN for Mac OS X You can configure SSL VPN for Mac OS X using Tunnelblick VPN client by following the steps below.
.Learn about our variety of support options to determine which one meets your needs. +.Browse resources including FAQs, training and guides, downloads, forms, and the glossary. +.View our featured news stories as well as service alerts and current status. +.Find IT services available to the WCM community.
+.Protect yourself and Weill Cornell by learning the correct security and privacy procedures. +.Access a complete list of Weill Cornell's IT policies and service level agreements.Find out more about the ITS Department and search for job opportunities.
ITS offers multiple ways to securely access internal WCM applications and tools when outside of our network. When you are off campus, you can use the following services to access restricted sites:. myApps: myApps is a web-based service which allows you to access numerous WCM resources by just logging in with your CWID and password. No software needs to be installed on your device, making it an easy and secure way to access WCM resources anywhere you have an Internet connection. Additionally, myApps addresses any browser compatibility issues that may exist when accessing various WCM applications. MyApps is available at (note that is required to verify your identity). Cisco AnyConnect Virtual Private Network (VPN): VPN offers the same access to WCM resources that myApps does, but it requires software installation on your computer.
Once you have activated a VPN session on your computer, you are free to visit any internal WCM sites as you normally would when on campus. Additionally, you can also access a departmental file share or remote into a desktop.
Visit our to install this service. Note that is required to verify your identity and you can only connect to VPN when you are off campus (i.e., not able to connect to our WCMC network).
EZproxy: EZproxy is used exclusively by the Samuel J. Wood Library to allow eligible users access library resources, like databases. No configuration on your device is required to use EZproxy; just click on the link of the resource you need to access, and EZproxy will automatically prompt you to log in with your CWID and password. More details about EZproxy are available on the.
NOTE: If you are using a university-owned device supported by OIT or your local IT staff, consult with them first before installing the VPN client.
Contents
Requirements
- Operating system: MacOS 10.13.0 or newer
NOTE: This software may work on older versions of macOS but is not officially supported by Cisco or NC State OIT. - Free hard disk space: 50 MB
- Minimum display resolution: 1024 by 640 pixels
- Administrator privileges: For installation
- Security and Privacy setting:
Allow apps downloaded from:
“App Store and Identified developers.”
For details, see Safely open apps on your Mac.
Installing the Software
- Download the installer file. For macOS 10.15 Catalina, download the updated Cisco AnyConnect 4.8 Client.
You may be asked to log in with your Unity ID and password before downloading. - Double-click on the anyconnect-macos-x.x-predeploy-k9.pkg file. (where x.x is a version number)
- In the Introduction window,
click on the Continue button (lower right). - In the Destination Select window,
choose the disk where you want to install the software (usually Macintosh HD).
Click on the Continue button (lower right). - In the Installation Type window,
click on the Install button (lower right). - In the next window, authorize the installation on your computer by entering:
- User name you use to log in to your computer (not your Unity ID).
- Your computer login password.
Then click on the Install Software button.
- In the Installation window,
a progress bar shows the status.
Installation may take a few minutes. - In the Summary window,
which shows the installation was successful,
click on the Close button.
Using VPN software: Connecting and Disconnecting
Locating the client
- In the macOS Finder menu,
select Go. - Open the Applications folder.
- Open the Cisco folder inside it.
- In the folder contents, locate
Cisco AnyConnect Secure Mobility Client.
Connecting to vpn.ncsu.edu
- In the Cisco folder, double-click on:
Cisco AnyConnect Secure Mobility Client - In the Ready to connect field, type:
vpn.ncsu.edu
if it does not already appear there. - Click on the Connect button.
- In the window that opens,
from the drop-down menu, select your Group:
1-Faculty-and-Staff: group for all employees.
2-Student: group for all students.
3-Student-Health-Center: specialized group for Student Health Center.
(Group assignment is manual.)
4-Vendor: specialized group for vendor access.
5-OIT-Staff: specialized group for OIT staff.
6-Faculty-and-Staff-FT: group for all employees with all connections in a full tunnel.
7-Student-FT: group for all students with all connections in a full tunnel. - Enter your Unity ID (username), Unitypassword and in the Second Password Field type either push, sms, or a passcode to authenticate.
- Click on the OK button.
- The Duo software will then either prompt for confirmation or send a passcode. To learn more about authentication with Duo see https://oit.ncsu.edu/it-security/2fa/.
- On the right side of the macOS menu bar,
a padlocked AnyConnect icon:
indicates a completed, secure connection to vpn.ncsu.edu. - A similar icon should appear in your dock.
Disconnecting the VPN session
When you finish using your VPN session, be sure to do the following:
- On the macOS menu bar,
click on the padlocked AnyConnect icon: - From the VPN menu that appears,
select Disconnect. - Disconnection is indicated by the absence of the padlock from the icon: