What is VPN Access?
VPN access will allow you to securely connect your computer or mobile device located away from SSL, directly into SSL’s network system through the internet.
Your computer will behave as if it was connected directed to the SSL network, through an encrypted network connection.
How do I get it?
You’ll need an SSL-LDAP account to make it work for you.
Ok, now what do I do?
Download and install the client software on your computer:
Cisco AnyConnect 4.10 for Windows (updated 2023-06-11)
Cisco AnyConnect 4.10 for Mac (updated 2023-06-11) – When given the choices of Cisco AnyConnect packages to install, select only “VPN” and deselect all the other possibilities (e.g. “Web Security”, “Posture”, etc.). See Mac OSX Installation Notes below.
Cisco AnyConnect 4.10 for 64-bit Linux (updated 2023-06-11)
After installing, there should be a Cisco folder in your list of programs with the Cisco AnyConnect Secure Mobility Client program in it.
Run it.
The first time you use it, enter ssl-vpn.ssl.berkeley.edu and press Connect
Subsequent times you’ll be able to choose “01-SSL-VPN” from a dropdown list.
For Group, select 1-Default
Enter your SSL-LDAP username and password (this is the same as your SSL-AIR).
Click on Connect
The first time you run it, it may ask you if you wish to update the software, and update certificates. Agree or say yes to everything. Upon completion this may require a system reboot.
Now everything is installed.
Now you are directly connected to our SSL network.
What’s happening?
This is a split-tunnel VPN service ONLY. That means:
When your VPN is connected, your computer will get a VPN IP address in the private 10.17.168.* or 10.17.169.* range.
Network traffic to SSL computers will go through the VPN tunnel route (e.g. ssh to apollo).
Network traffic to non-SSL computers continues to go through your regular internet connection route (e.g. when streaming movies from Netflix, shopping at Amazon.com or searching Google).
When you are finished, don’t forget to disconnect from the VPN.
Is this the same as the UCB Campus VPN?
No, it’s not. The Campus VPN (bSecure) uses different software (Palo Alto Networks GlobalProtect). It gives you access to on-Campus resources (e.g. Blu, BearBuy, the Library, etc.), but it does not give you direct access to the SSL network (use the SSL VPN for that)
UCB Campus bSecure VPN Service
I’m having trouble with Mac OSX
When you are installing Cisco AnyConnect for the first time, select only the “VPN” package and deselect all the other possibilities (e.g. “Web Security”, “Posture”, etc.). The window should look similar to the setting below (Note: Action could say “Install” or “Upgrade”):
If you already installed the “web security” component, run the following command from a terminal window to start the removal process:
sudo /opt/cisco/anyconnect/bin/websecurity_uninstall.sh
I’m having trouble connecting with Linux
If it doesn’t work
If you have questions or comments or problems connecting to SSL servers and services while connected, send email to helpdesk@ssl.berkeley.edu for assistance.