Configuring the UCSD VPN Client for Windows 10 or 11 via Conventional Installation


Overview

Download and configure the new UCSD Virtual Private Network (VPN) AnyConnect client on your Windows 10 or 11 Desktop and Tablet using a conventional installation.

Critical Concepts

For more information about the UCSD VPN, please visit Virtual Private Networks at UCSD.

  1. The VPN only needs to be installed if you need access to Trusted Resources.
  2. You must log into your computer with administrator rights.
  3. You need your Active Directory (AD) username and password. If you don't remember your AD username or password, you can either reset it at password.ucsd.edu or contact your department's systems administrator.
  4. Those required to comply with Secure Connect NAC must select a secure-connect group.

Steps to Take

  1. Download the UCSD VPN AnyConnect client.
    1. Download the VPN AnyConnect client (UCSD login required).
      1. NOTE: If you encounter any issues accessing this Sharepoint link, please try logging into mcvpn.ucsd.edu to access the download link titled Windows Client Download.
    2. Click Run, or find the downloaded file and open it.

      Screenshot of pop up to save the VPN download client

  2. Begin the installation
    1. Click Next to begin the installation.

      Screenshot of the Cisco AnyConnect Mobility Client Setup Wizard

  3. Accept the license agreement.
    1. Accept the terms, and click Next.

      Screenshot of the Cisco AnyConnect setup client's end user license Agreement

  4. Continue the installation.
    1. Click Install.
    2. You may be asked if you want to allow the following program to install software on this computer.
    3. Click Yes.

       Screenshot of the Cisco AnyConnect Ready to Install window

  5. Finish the installation.
    1. Click Finish.
    2. Restart your system.
      1. Settings/Power/Restart

        Screenshot of the Cisco AnyConnect client setup with the "Finish" button
  6. Run the AnyConnect client.
    • On Windows 10 and 11: Click on the Windows Start Button (this will display the Windows Start Menu). Click on All Apps and choose the Cisco folder..
  7. In the first window, enter vpn.ucsd.edu in the box and click on the “Connect” button to the right.
  8. A second window will appear. Select your desired connection profile from the Group drop-down menu:
    • 2-Step Secured - allthruucsd – Route all traffic through the UCSD VPN. Use this when accessing CMS website staging links.
    • 2-Step Secured - split – Route only campus traffic through the UCSD VPN. All other traffic goes through your normal Internet provider.
    • secure-connect-allthruucsd - Similar to "2-Step Secured - allthruucsd" but for devices required to comply with Secure Connect NAC.
    • secure-connect-split - Similar to "2-Step Secured - split" but for devices required to comply with Secure Connect NAC.
  9. In the Username field, enter your Active Directory (AD) username.
    • In the Passcode field, use the following to authenticate through DUO (See Duo Two-Step Login on the VPN for further details):
      • If you receive DUO push notifications on your mobile phone, enter: yourADpassword,push
      • If you receive a DUO sms to authenticate, enter: yourADpassword,sms
      • If you use a bypass code or use a DUO token or the DUO app to generate a passcode, enter: yourADpassword,CodeYouWereGiven
    • Click OK. If you are not required to comply with the Secure Connect NAC VPN or your VPN already shows "ISE Posture", skip to step 17.
      Choosing VPN group and entering AD credentials for the VPN


    • Screenshot of the VPN connection window

      Screenshot of the AnyConnect VPN Client connected to the VPN with the ISE Posture Module displaying as compliant below it
  10. Next, navigate to "captive-portal.ucsd.edu'. This page will say "UC San Diego VPN Security" at the top. On this page, click "Start".
  11. The page will check for the posture module on your device. If you do not have the required module for your VPN instance, click on the "This is my first time here" dropdown menu.
  12. Under step 1, click on the "Click here to download and install Agent" link. This will download the required module to your device. 
    • Screenshot of Secure Connect captive portal for VPN ISE posturing with a red arrow pointing to the installation link for the ISE posture module
  13. You may get an error when downloading the module. If so, hover the mouse over the download, click the 3 dots, and click "Keep".
    • Screenshot of error message when downloading the VPN ISE posture module with the 3 dots clicked on and the button "Keep" highlighted
  14. When the module finishes downloading, click on the download to initiate the installation of the module.
    1. If you get the error "SmartScreen can't be reached right now", click "Run", then click "Yes".
      • Screenshot of VPN Smartscreen error message indicating SmartScreen can't be reached right now with the button "Run" boxed with a dotted line
  15. In the window that appears, click "Connect". Once the installation finishes, click "Quit".
    1. You can now close out the "captive-portal.ucsd.edu" website.
  16. If the device does not have all of the required software for connecting to the VPN, you will be redirected to articles on how to become compliant. In order to access these articles, you will need to first disconnect from the VPN.
    1. If you are not already logged into the "Services & Support" website, you will then need to use your Active Directory (AD) credentials to log in and access the articles.
    2. Follow the steps in the articles to download and install the required software.
    3. Once your device has all of the required software, you can click the "Scan Again" button in the VPN client under "ISE Posture" to check again for compliance before reconnecting to the VPN.
    4. Once compliant, reconnect to the VPN using one of the secure-connect group options.
  17. To disconnect from the VPN after your session is finished:
    1. Click on the Windows Start Button (this will display the Windows Start Menu).
    2. Click on All Apps and choose the Cisco Folder. 
    3. Proceed with selecting the Cisco AnyConnect Secure Mobility Client.
    4. When the window appears, select Disconnect.

      Screenshot of the VPN Window with the "Disconnect" button
If you still have questions or need additional assistance, please contact the ITS Service Desk. You can call us at (858) 246-4357, email us at support@ucsd.edu, or submit a ticket at support.ucsd.edu.