Click on the question or the down arrow icon to display the answer.

A VPN or Virtual Private Network allows you to establish a secure connection to another network. At MSU, a VPN connection is required to access many resources on the campus network (like Opal, Sympa list server, etc.) when you are off-campus so the servers remain secure. All MSU faculty, students, and staff in good standing can use the MSU VPN.

Currently the MSU VPN is run on a PPTP Windows server. The new VPN being implemented in the Fall of 2017 is Cisco AnyConnect. The Cisco AnyConnect Secure Mobility client is available for almost all devices and platforms and will allow more MSU employees to work securely from any location at any time.

Yes, you will need to download the AnyConnect Secure Mobility Client. Please visit  http://www.montana.edu/uit/computing/desktop/vpn/index.html for instructions.

Yes, the AnyConnect client needs admin rights to be installed, however subsequent updates will not need them. If you do not have admin privileges on your computer please contact your Departmental IT staff or the MSU Service Desk (994-1777 or helpdesk@montana.edu) for installation assistance.

A VPN Tunnel is an encrypted communication between two devices. The network device is commonly a firewall as it is in our case. We have a Cisco ASA for our network device. The client device is commonly yourlaptop or phone with the client software installed. The tunnel is created when the client device initiates a connection to the firewall. This connection is now like a virtual wire going through the internet to build a connection to network resources behind the firewall. 

 

The VPN is setup as a Split Tunnel this configuration was a group decision from the VPN working Group. The Split Tunnel is setup to only route traffic through the VPN Tunnel that is destined for MSU network resources, all other traffic will go out your regular internet connection.

When this happens it is likely because the In Common Intermediate Certificate needs to be "trusted". When the error pops up, you will need to "trust" the certificate. Depending on your situation, you may have to check a box to "Always trust this..." And/or also click a button to Connect Anyway or Always Connect.

Reboot (restart) the computer. This will log out all of the other users who are logged into the computer.  You'll then be able to log back in and connect. 

A screenshot of the Cisco AnyConnect error that reads: Cisco AnyConnect failed to start.  It is already running in another user's session.