Connecting to the ASC VPN on MacOS and Windows

Overview

The ASC Cisco AnyConnect VPN provides secure remote access to ASC resources.

Note: Please, do not use the VPN if your service does not require it.

Always On VPN replaces Cisco AnyConnect on ASCTech managed Windows machines: click here for more information.

Contents

Alternatives to the VPN

If not required, it is best to use an alternative to the VPN. The VPN adds overhead (slowness) to connections and there are finite slots available on the VPN. There are many services that do not require the VPN.

Requires the VPN: (These are included with Always On VPN on ASCTech managed Windows endpoints.)

  • Connecting to shared and private Windows drives.
  • Re-validating your Windows license if the machine has not connected to the OSU network for 180 days.
  • Connecting to certain software license servers.
  • Syncing your OSU password on legacy computers.

Does not require the VPN:

  • Workday, Compass, and many other OSU services.
  • OneDrive, Carmen/Canvas, Zoom, CrashPlan and other cloud services.
  • University Email System, Office 365 apps.
  • Remote Desktop to Windows or Linux running XRDP:
    • ASC's RDP Gateway is preferred for on campus and off campus connections.
    • Guacamole for Windows Remote Desktop to Windows machines and ASC Standard Linux machines running xrdp.
      • Guacamole has the advantage that it doesn't require a client, just a web browser.
    • As of February 2, 2021, RDP will cease to function over the VPN.
  • SSH to Linux machines using Jump. (This includes Unity, but see OnDemand below.)
  • Unity has an OnDemand feature which can let you check on your jobs, start jobs, and even get a full desktop.
  • SFTP to Linux hosts, this can be tunnelled through Jump and is faster.

Linux users are strongly encouraged to use Jump, but if the VPN is required we suggest using openconnect (see related articles) instead of the Cisco client.

Always On VPN - Windows

If your machine is an ASCTech managed Windows computer, your machine will connect using an "Always On VPN" to certain ASC/OSU services.

This enables anywhere access to:

  • ASC Windows file shares.
  • ASC run license servers, such as Autodesk, Cinema 4D, Comsol, Deadline, IDL, Keyshot, Maple, Matlab, Mathematica, OriginPro, SolidWorks, SPSS, etc.
    • If you need a license that works without any network connectivity, contact ASCTech.
  • Windows Software Center, for installing OSU licensed software.
  • Immediate password syncing with your OSU lastname.# account from anywhere.
  • Patching and configuration, keeping your computer secure.
  • WiFi icons showing the connection to a VPN.  The shield color depends on system theme. Uploaded Image (Thumbnail)Uploaded Image (Thumbnail)

What Always on VPN does not do:

  • The AOVPN does not pass Remote Desktop, X Windows, or SSH.
    • Use Gateway and the SSH Jump Host to connect to these without the Cisco VPN.
  • AOVPN does not route all your traffic via OSU.
    • Just traffic that would need to go to OSU anyway is routed.

If your ASC Windows computer does not appear to have access to the Always On VPN, please contact us. AOVPN was deployed February 21, 2022.

Note for Macintoshes: Recently imaged Macs do sync your OSU password, and Self-Service Software is available everywhere. We are looking at ways to enable file shares and license servers on Macs as well.

Procedure for Windows and Macintosh

1. Install the client:

  • If you are on an OSU owned computer:
    • Windows: find the Cisco client in Software Center 
    • Macintosh: find the Cisco client in Self Service
    • These will install without needing administrator rights.
  • Otherwise, please go to https://www.asc.ohio-state.edu/vpn/ to download the client for your operating system.

2. Once the program has been installed, open it. On a Mac, you can open it in Applications, but on Windows, just search for it in the Start Menu.

3. In the dropdown field, type vpn.asc.ohio-state.edu - this address will be saved next time you want to connect.

4. You will be prompted for your group, username, password, and second password.
For group: Select “ASC-VPN” for access to all OSU on-campus resources. Select “ASC-VPN-TunnelAll” to be able to access off-campus resources, as well as on-campus resources as though you were on campus. The “ASC-VPN-TunnelAll” is useful for directly accessing journals from the publisher’s site, for instance.
For username: Use your name.#.
For password: Use your OSU password (used for email, Carmen, my.osu.edu, etc.).
For second password: Your second password will be from Duo. If you use Duo on a smart device, you can either:

  • type “push” and then click OK, and confirm the push on your mobile device OR
  • go into Duo on your mobile app and request a passcode by pressing the key button

5. Click Accept on the Window that pops up.


6. Cisco will give you the green checkmark when you’re connected.

Details

Article ID: 14542
Created
Fri 7/8/16 9:08 AM
Modified
Wed 4/3/24 12:11 PM

Related Articles (8)

Connecting to Linux Home Drives
Connecting to Linux Home and Group Directories: From on ASC's network, off network, and from Linux machines.
Connecting to the ASC VPN on Linux
A basic guide for connecting to the ASC VPN using NetworkManager and OpenConnect on Linux.
DUO: FAQ for ASC Faculty and Staff
DUO is OSU's two factor authentication service. It's also known as BuckeyePass.
How to Change Local Admin Password-Mac
Directions on how a user can change their Local Admin password on a Mac.
Remote Teaching and Remote Work Resources
Starting point and introduction to remote resources.
Using Gateway for Windows Remote Desktop from Windows/Mac/Linux
Gateway.asc.ohio-state.edu allows Remote Desktop to OSU machines from off campus with Duo two factor authentication.
Using Guacamole for Remote Access
Guacamole is a service to access on campus computers remotely using a web browser.

Related Services / Offerings (1)

VPN
Virtual Private Network (VPN) creates a secure, encrypted connection, which can be thought of as a tunnel, between your computer and resources within your network security perimeter.