How do I work remotely using the campus VPN?

Campus VPN

- The campus VPN is the preferred method for accessing research systems from "off-campus."
- You can use PSU's Virtual Private Network (VPN) to access research compute systems via SSH or remote desktop protocol (RDP) and mount network file shares. To use the VPN, you must first enroll in Duo Two-Factor Authentication (2FA). Visit Enroll in Duo Two-Factor Authentication (2FA) for instructions.

Connect to the campus VPN

Prerequisites

- Ensure you have already enrolled a device in Duo 2FA .
- Ensure the Cisco AnyConnect VPN client is installed on your computer or device.
  - - For Linux Clients - follow these steps for VPN installation.

Note: If you are a Mac user and you receive and "unsigned publisher" error when attempting to install, do the following:

- - 1. Hold down the Control key while clicking the downloaded .dmg file, then click Open.
    2. Accept the prompt to continue the install.

Open the VPN client

1. Open the Cisco AnyConnect VPN client.
2. Complete the login process using the appropriate method below, depending on your method of verification.
  1. - Note: If you've connected to the VPN successfully in the past, AnyConnect will autofill the address bar. To log in to a different address, click Cancel and enter the new address.

Method 1: Mobile device with Duo app installed

1. Type vpn.pdx.edu in the address box. (Note: If you are connecting to a specialized VPN, type the address here.)
2. From the Group menu, select 1-Employee Duo-Default or 3-Student Duo-Default.
3. Type your Odin username and password.
4. Approve the Duo push notification on your mobile device.

Note: Some systems require a full tunnel for access. You can type vpn.pdx.edu/full in the address box for a “Full Tunnel” VPN connection (refer to section below for more details).

Method 2: Landline or mobile phone without the Duo app installed

1. Type vpn.pdx.edu in the address box.
  1. - Note: If you are connecting to a specialized VPN, add -alloptions to the end of its address. For example: vpn.pdx.edu/cis-alloptions.
2. From the Group menu, select 2-Employee Duo-All Options or 4-Student Duo-All Options.
3. Type your Odin username and password.
4. In the third input field, type push, sms, or phone to select your preferred verification method. (The connection will fail
  1. - Note: If you choose to use SMS, a temporary code will be texted to you and you will be returned to the same VPN login screen. Type the temporary code into the third input field in addition to your Odin username and password.
5. Approve the Duo notification on your phone.

Note: Some systems require a full tunnel for access. You can type vpn.pdx.edu/full-alloptions in the address box for a “Full Tunnel” connection.

Logging In with SSH (after VPN Connection established)

After you have established a VPN connection (either split or full tunnel), you can open the terminal and connect as you would on-campus using SSH to access an RC System.

$ ssh username@login1.coeus.rc.pdx.edu

Last login: Fri Mar 13 14:41:29 2020 from 10.234.0.132

[username@login1 ~]$

Learn more about connecting to RC Systems using SSH (on-campus or remote options available).

Please be sure to setup Passwordless SSH for both security and faster login.

Full Tunnel VPN ( vpn.pdx.edu/full )

By default, all VPN connections to "vpn.pdx.edu" are split tunnel, meaning only traffic destined for the PSU Network will be routed through the VPN.

Certain resources require a full tunnel connection (vpn.pdx.edu/full), which routes all traffic through the VPN. This is designed to be more secure and the preferred method when working with sensitive data. In general, only use a full tunnel if needed, as it ties up more network resources for all users. Its use is also recommended when connecting from public networks, such as coffee shops or airports.