Cisco Anyconnect Firefox

Posted on |



Launch VPN Service
Working

NIU's Virtual Private Network (VPN) service allows current faculty, staff, and students to login and then send and receive data securely across public networks. Several enterprise applications at NIU, including PeopleSoft, Cascade, etc., require VPN access from off-campus. All NIU employees and students, however, are encouraged to use NIU's VPN service to access NIU data and applications whenever they are away from the campus network and especially when traveling. (See Information Security Guidelines for Travel).

Cisco AnyConnect, OS X and Firefox Brian Mac, Tech November 3, 2011 March 29, 2018 1 Minute When I started work at bright solid one of the tasks given (or rather one of the tasks I gave myself) was to get the Cisco AnyConnect client working on OS X. Cisco AnyConnect Secure Mobility Client provides this through a mobility centric cross-platform application. It provides a VPN and encrypted web connection for any device. All of this is sent into a single observable private network. It is using the Cisco AnyConnect Mobility Client and I looked through the settings I could find but can't find anything about how to select which traffic goes through the VPN and which goes through my regular internet connection. Can I set it up on an application level — like always route Firefox through internet but Chrome through the VPN? Cisco AnyConnect VPN Client Updates. If you connect to remotevpn.wwu.edu using an outdated Cisco AnyConnect Secure Mobility client for Mac OS-X or Windows, the client will automatically exit if an update exists. Then the Cisco AnyConnect Secure Mobility Client Downloader will automatically download and install the updated client.

How to use NIU's VPN Service (most common option)

  1. To download Cisco AnyConnect, you will need to click https://vpn.niu.edu and choose the Group for the access you require. Login with your NIU AccountID@mail.niu.edu and password. You will be required to verify your account before moving forward.
    • Most faculty and staff will already have this client on their NIU-managed desktop/laptop. Others will have the opportunity to download and install the client at this point.
  2. From your device launch the Cisco AnyConnect client. At 'Ready to Connect', enter vpn.niu.edu and click Connect.
  1. **You must select the group first. This box will appear behind the sign in page.
    When prompted for Group, choose the Group for the access you require. For general campus access please choose NIU_Split_Tunnel_VPN or NIU_Full_Tunnel_VPN.
  1. Enter your NIU AccountID@mail.niu.edu then click next then enter your password click Sign in. You will be required to verify your account.
  2. *NOTE: This will pop-up each time you login to the VPN no matter which option you choose.
    Click Yes or No or press ENTER
  3. The AnyConnect client will then complete its connection.
  4. To disconnect, open the active AnyConnect window and click to Disconnect.

How and Why to use NIU's Split Tunnel vs NIU's Full Tunnel

NIU_Split_Tunnel_VPN option is the least secure but should be used when:

  • you trust the network you are on (e.g. your home network or a remote workplace) AND
  • you must simultaneously connect to data, devices or services (e.g. printers, file shares, etc.) on the home/remote network and to data, devices or services on NIU's network.

NIU_Full_Tunnel_VPN is the most secure and should be used when:

  • you are connecting to NIU's network from an unsecured location (e.g. local restaurant or coffee shop)
    • you will not be able to print to a wireless printer when connected to the Full Tunnel

Having Trouble?

Depending on your home network, you may not be able to connect to home devices when connected to VPN. This is especially true in 2 circumstances:

  • You use an internal DNS system
  • Your internal network uses 10.x.x.x

Workarounds include:

  • Use a local hosts file
  • Use 192.168 on home network

Do not use Firefox. Details about the browser issue below:

Cisco Anyconnect Firefox
  • The newest Firefox Version 74.0, that was Released on March 10, 2020 is NOT supported on our current Cisco AnyConnect VPN.
  • Older versions of Firefox on MAC OS have an issue with the Firefox Certificate Store. You will need to use a different browser.

If you are still unable to install the client or cannot successfully login, please submit an incident by clicking the red button to the left to Submit an Incident.

When installing and using the Cisco AnyConnect SSLVPN (Secure Sockets Layer Virtual Private Network) client problems may occur. This document will help diagnose and solve some potential issues that may be encountered. Use the links below to jump to a topic or scroll down to read all of the topics.

Installing the SSLVPN Client

AnyConnect is a straightforward installation. To install the client, go to https://sslvpn.asu.edu/2fa and log in with your ASURITE credentials.

After you have provided your credentials, the installation will start immediately. On Windows machines, the web installation will first attempt to install the AnyConnect client through ActiveX. If you are using Google Chrome or Mozilla Firefox, this will fail, and prompt you to download the client for your operating system:

(For Mac OSX users, the link will display as Mac OS instead of Windows Desktop)

For some permitted users, specifically faculty or staff members, Cisco AnyConnect can be downloaded through My Apps in My ASU. Click on the My Apps icon on the left-hand side-bar, search in the search bar “Cisco AnyConnect,” select Download App Now and download the installation file respective to your operating system. To see if your operating is supported, view the Supported Operating Systems list for details.

Once you have finished downloading the manual installation, you are now ready to install. After completing the installation, you can now start the Cisco AnyConnect Secure Mobility Client.

Launching the SSLVPN Client

If the web installation completes without failing the automatic session, you will be connected to the VPN. After shutting down your computer, you can always reconnect through the automatic process by going to https://sslvpn.asu.edu/2fa

Cisco anyconnect linux install

If you completed the manual installation of the VPN client, you will need to start the VPN from where you installed it on your computer.

The name of it on your computer (and icon) should be:

Once you launch the Cisco AnyConnect Secure Mobility Client, you will be prompted with the following window:

NOTE: Access to the ASU VPN (virtual private network) for faculty and staff is now two-factor enabled for both the Cisco AnyConnect VPN client and the VPN website. See this KB Article for more information.

To connect via the VPN website, the new site address is: https://sslvpn.asu.edu/2fa. If you connect via the Cisco AnyConnect VPN client, you will need to type the new “sslvpn.asu.edu/2fa” address into the field, like below, before clicking on “Connect”.

To use SSLVPN to have a dedicated tunnel for all traffic from you laptop back through the ASU SSLVPN, for example in the special case you are traveling in China, use: “sslvpn.asu.edu/tunnel.”

Students and student resources such as the Library can continue to use the current site address: sslvpn.asu.edu

You will be prompted for your login credentials:

Cisco Anyconnect FirefoxFirefox
  • Username – Enter your ASURITE
  • Password – Enter your ASURITE PASSWORD
  • Enter the name of an Authentication Factor – Enter name of desired (DUO 2FA code) authentication method, see below for details.

Authentication Factor Options:

The third box is used to enter a second authentication factor.

  • Type push into the box to receive a Duo push notification from the Duo app on your smartphone, then click “OK”. After you confirm the Duo push notification on your smartphone, you will be logged into the ASU 2FA VPN.
  • Type phone into the box to receive a Duo phone call notification, then click “OK”. When you receive the phone call, just follow the automated instructions and you will be logged into the ASU 2FA VPN.
  • Type sms into the box to receive a code via text message, then click “OK”. If you enter sms, a code will be sent to you and the Cisco AnyConnect authentication box will appear again. Re-enter your ASURITE ID, password, and in the third box enter the passcode you received from the Duo sms message to log into the ASU 2FA VPN.
  • Enter a Duo Passcode. You can obtain a Duo passcode by starting the Duo app on your smartphone, clicking on the “key” button associated with your Arizona State University Duo account and then typing in the displayed code into the authentication factor field. This option does not require a cell or internet connection. The Duo app generates the code when you push the “key” button in the Duo app (red box in the image below). The second image below shows where you type this Duo passcode into the authentication factor dialog box.

Note that for security reasons, you will see dots when typing in both your ASURITE Password and authentication factor selection (push, phone, sms or Duo passcode) and the actual push, phone, sms or Duo passcode you use to authenticate with.

Duo Generated Passcode Example:

AnyConnect Sign In screen showing where to type in Duo generated passcode:

Cisco Anyconnect Firefox App

NOTE: Please be sure your Cisco AnyConnect VPN client is at least version 4.1 so that you have the best possible connectivity available. Two-factor authentication will not work with older client versions.