Reset Search
 

 

Article

How do I connect to VPN?

« Go Back

Information

 
Related ServiceNetwork Connectivity
Article SummaryThis article explains what you need to connect with VPN.
This article is intended for all staff and students at all campuses.
Instructions

The ability to access the Algonquin College network is provided through our Remote Access Solution (VPN). All staff and faculty have the ability to obtain our remote access solution. 

Only students who are registered in a Remote Access approved course/program will be able to acquire our Remote Access Solution (VPN). 

In either case, if you are approved for remote access, you may follow the instructions in this guide to obtain our Remote Access Solution. 

 

Table of Contents:

1. What is VPN and Remote Access?
2. Do I always need VPN when I am off campus?
3. How do I log into the Algonquin College Network Remotely
4. How do I get set-up with CISCO AnyConnect and Multi-Factor Authentication
5. Obtaining mobile phone (Soft Token) MFA Step-by-Step
6. Obtaining an E-Grid card MFA Step-by-Step
7. Downloading and Installing the CISCO AnyConnect Secure Client
8. Login to the Algonquin College network using the CISCO AnyConnect Secure Client

What is VPN and Remote Access?

VPN (Virtual Private Network) and Remote Access are often used interchangeably. If you have VPN/Remote Access, that means you have the ability to connect your computer to the Algonquin College Network when you are off campus (e.g. from home).
Multi-factor authentication is a best practice for ensuring electronic data is secure. When multi-factor authentication is used, users must enter a second set of credentials (often a security code sent to their mobile phone) in addition to their username and password. Consequently, more than one factor is used to authenticate your identity.
Algonquin College uses multi-factor authentication for remote access.

Do I always need VPN when I am off campus?

The college has several applications that you can access from any off-campus location as long as you have an internet connection. These applications include Algonquin Email, One Drive, Office 365 SharePoint and Brightspace.

Common applications that require VPN for remote access include Workday (unless you are using your pre-hire account), Sharepoint (pre-office 365 version), Peoplesoft and other specialized applications.

How do I log into the Algonquin College Network Remotely?

Note: You need to complete a one-time set-up with CISCO AnyConnect software and Multi-factor Authentication before you log into the College network remotely.  For instructions, please see How do I get set-up with CISCO AnyConnect and Multi-Factor Authentication?.  Once the set up is complete, follow the instructions below:

  1. Launch CISCO AnyConnect VPN Software
  2. Enter your Algonquin College username (do not include @algonquincollege.com or @algonquinlive.com) and password in the CISCO AnyConnect login screen. You will then be prompted to enter a second set of credentials (either a security code sent to your mobile phone, or alpha-numeric characters from an E-Grid card that is issued to you). This second set of credentials is called your multi-factor authentication (MFA).  

If you like, you may view the complete detailed step-by-step guide to logging in using CISCO AnyConnect Secure Client.

CISCO AnyConnect software and Multi-factor Authentication set up

1. Go to our self-service web-site at https://selfservice.algonquincollege.com to obtain your choice of either a Mobile Phone multi-factor authentication (Soft Token) OR an E-Grid card.  If you are a new employee or faculty member to Algonquin College, it may take up to 1 business day after receiving your Algonquin College username for your access to the self-service web-site to be activated. See instructions for:
  1. Obtaining a mobile phone (Soft Token) MFA Step-by-Step
  2. Obtaining an E-Grid Card MFA Step-by-Step
Our self-service web-site can also be used for the following:
  1. Replace a lost E-Grid card.
  2. Obtain a new E-Grid card if you forget your password to unlock your E-Grid card.
  3. Set-up a Soft Token on a new mobile phone or existing mobile phone if there are issues with your current soft token.
2. While connected to the internet (neither ACGuest nor ACSecure will work). Go to https://secure.algonquincollege.com to download the CISCO AnyConnect software. See the instructions for:
  1. Downloading and installing CISCO AnyConnect Step-by-Step.

Obtaining a mobile phone (Soft Token) MFA Step-by-Step

Note: Mobile Phone and the word Soft Token are used interchangeably in this document.
We suggest you use both your computer and your mobile phone for this process so please have them ready.
  1. Go to the App store on your mobile phone and install the free Entrust IdentityGuard Mobile or Entrust IdentityGuard Mobile ST app to your mobile device. 
  2. Go to our Remote Access self-service portal at https://selfservice.algonquincollege.com. Login using your Algonquin College username (omit the @algonquin… from your username). 
  3. If it is your first time logging in to the self-service portal, you will be asked to setup some security questions. Nobody has the ability to see the answers to your security questions. 
  4. After setting up your security questions you will be presented with several options. Note, if you have already been provided with an E-Grid card or Soft Token you may see other options available to you. Select “I’d like to request a soft token for my mobile phone”.  
  5. You will be presented with the screen below. Click “Yes” (note that the serial number is automatically generated for you, it is not something you need to pay particular attention to).
SoftToken MFA confirmation


7.    You will then be presented with the following screen. Select the option as per the screen shot below and click “Next”.
St MFA Activation options
8.    You will be presented with the screen below. Just keep your browser on this screen and pick up your mobile phone. The next few steps will be executed entirely on your phone.
QR code activation screen

9.    On your mobile phone, open Entrust IdentityGuard Mobile. If you created a PIN to unlock this app when you installed it, please enter that PIN if prompted).  Look for an icon (QR Image) on the bottom left of the screen (see below) or select it from the menu and click it.
QR scan
10.    Allow your mobile app to access your camera as you will be scanning in a bar-code.
11.    Refer to your computer. Your browser should still be left on the screen from Step 7 (see below). Hold your mobile phone up the computer and Scan the QR image (it is the square shaped item). 

QR code activation screen
12.    Your mobile phone will display a screen similar to the one below. Enter the number that is beneath the QR Code that is displayed on the self-service portal. In this case it is “79154127” and click “OK”.

password confirmation screen

13.    On your mobile phone, you will then be presented with the screen below. In the name field, simply enter the same characters found in the serial-number and add “AC” to the end (ex. 18347-14766). Click “Activate”.

identity activation

14.    Your mobile phone will then present you with the screen below. Keep this screen open as you will need to enter this registration code in a later step.

registration code

5.    Go to your computer. Your browser should still be left on the screen from Step 7. Click “Next”.

QR code activation screen
16.    The self-service portal will present you with the screen below. Look at the app on your mobile phone (where it presented you with the Registration code). Enter the registration code as per the example below and click “Next”.
registration code

17.    You will be presented with the screen below. Click Ok.
SoftToken activation

18.    You will be returned to your Self-Administration Actions screen. Note: you may have different options than what is seen in the screen below depending on if you already have an E-Grid card and/or Soft Token. You have NOW completed the process of activating your Mobile Phone as your MFA. Feel free to close your browser window and close the Entrust app on your mobile phone.

You can now proceed to download and install the CISCO AnyConnect Secure client or return to the top of the page.

Obtaining an E-Grid card MFA - Step-by-Step

  1. Go to our Remote Access self-service portal at https://selfservice.algonquincollege.com. Login using your Algonquin College username (omit the @algonquin… from your username). 
  2. If it is your first time logging in to the self-service portal, you will be asked to setup some security questions. Nobody has the ability to see the answers to your security questions. 
  3. After setting up your security questions you will be presented with several options. Note, if you have already been provided with an E-Grid card or Soft Token you may see other options available to you. Select “I’d like to request an E-Grid Card”. 
self administration actions screen
4.    You will be presented with the screen below. By creating a password, you will ensure that only you will be able to open your E-Grid card. 

e-grid card password creation

5.    Once you have successfully created a password, you will be presented with the options to get your E-Grid card. Select an option and click “OK”.

e-grid card options
6.    You will be returned to your Self-Administration Actions screen. Note: you may have different options than what is seen in the screen below depending on if you already have an E-Grid card and/or Soft Token. You have NOW completed the process of obtaining an E-Grid card as your method of Multifactor Authentication. Feel free to close your browser window.

Downloading and Installing the CISCO AnyConnect Secure Client

1.    While connected to the internet (neither ACGuest nor ACSecure will work). Go to https://secure.algonquincollege.com.
2.    Log in with your username and password. Leave the Second Password box blank…
Note: your college username does NOT include @algonquincollege.com or @algonquinlive.com

secure login
3. Click OK

A second window will now appear and this is where you will now need to use your Entrust Grid Card or Soft Token for authentication purpose. If you selected mobile phone (aka soft token), launch the Entrust application on your mobile phone and enter the security code from the app when prompted. You your connection will be completed.

If you selected E-Grid card, follow the instructions below.

4. With the above example, the Grid Challenge presents the user with coordinates such as E1, G3, and H5

e-grid authentication
5.    Use the letter (column) and number (row) combination on the E-Grid Card to locate the characters requested in the challenge and enter them in the screen

e-grid card code

6.    In this example, the User would  enter the required coordinate’s (D6H) and select continue.
7.    You will be presented with the screen below. Select AnyConnect  on the left side.

anyconnect install

8.    From the menu, select Start AnyConnect to automatically install the client using ActiveX or Java.
anyconnect install options

9.    In the event the automatic installation fails, you will be prompted to perform a manual installation

anyconnect manual install

Follow the prompts to manually download and install the AnyConnect Secure Mobility Client. Once the installation process is complete, you will be ready to connect remotely.

You can now review the steps to log in using the CISCO AnyConnect Secure Client or return to the top of the page.

Login to the Algonquin College network using the CISCO AnyConnect Secure Client

1.    On your computer where you installed the CISCO AnyConnect Software. Launch the CISCO AnyConnect VPN Client and select connect (secure.algonquincollege.com).

cisco connection screen

2.    Log in with your username and password. Leave the Second Password box blank…
Note: your college username does NOT include @algonquincollege.com or @algonquinlive.com

cisco login

3. Click OK

A second window will now appear and this is where you will now need to use your Entrust Grid Card for authentication purposes or mobile phone soft token (depending on which method you selected during self-registration). If you selected mobile phone (aka soft token), launch the Entrust application on your mobile phone and read the security code. If you selected E-Grid card, follow the instructions below.

4.    With the above example, the Grid Challenge presents the user with coordinates such as E1, G3, and H5
e-grid card mfa

5.    Use the letter (column) and number (row) combination on the E-Grid Card to locate the characters requested in the challenge and enter them in the screen
e-grid card code

6.    User must enter the required coordinate’s (D6H) and select continue with this connection to VPN will be establish.

connection screen
establishing connection

7.    If connection to the VPN is successful, there will be the following icon in the bottom right hand corner with a lock connection icon

For each subsequent connection, you will be prompted to enter a new response.

Return to the top of the page.

Attachment 
URL 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255