UW Medicine Remote Access – University of Washington
UW Medicine Remote Access
Basic with Secure Meeting Mode
Username
Password
ATTENTION SSLVPN Production Firmware was upgraded on the 21st of July at 0500hrs. The Remote Desktop Services is now available through this portal again, please follow the instructions to remove old software components. Pulse Secure Client continues to work (Pulse Secure Client instructions). Sign in and FAQ-pages requires AMC domain login and password. Click Here for HIPAA Secure Meetings (For AMC Domain Users Only) *** Terms of Use *** All systems connecting to this remote access gateway must meet UW Medicine Information Security Policy. See for specific requirements and guidance. This UW Medicine system is for business use by authorized individuals only. Use of this system constitutes an expressed consent to electronic monitoring at all times. If monitoring reveals possible violations of criminal statutes, all relevant information will be provided to law enforcement officials. Individuals using this system without proper authorization will be in violation of UW Medicine security and/or privacy policies. Unauthorized users may also be subject to prosecution and/or UW Medicine sanctions. Users of the Pulse Secure / Network Connect mode are subject to monitoring of all network activity, regardless of source or destination! ******************* For installation instructions or further assistance, please visit the SSLVPN page Frequently Asked Questions (FAQ) (AMC credentials required); or contact UW Medicine Help Desk at or (206) 543-7012.
GlobalProtect VPN – Information Technology Services
Washington State University offers VPN access for those departments and users that require secure remote user access to specific, restricted university services and data. The VPN service provides authenticated and encrypted access to resources such as the administration of departmental servers, administrative systems and applications, and/or systems that house sensitive information.
Starting in September, ITS will be adding Multi-factor Authentication (MFA) to its general VPN portals. This will change the way that users log in to the VPN.
Information Technology Services has shifted from Cisco AnyConnect for all WSU users, excluding those with a Friend ID (FID). Users will now use GlobalProtect VPN service that can be manually downloaded and installed via the following pages:
VPN PortalUsername Used to AccessTypical People to Use Portal
NID*All WSU Staff and Students
NID*Everett Staff and Students
NID*Spokane Staff and Students
NID*Vancouver Staff and Students
NID*Tricities Staff and Students
Staff and Departmental IT
ITS Staff
*Note: WSU NID is same logon as mywsu
Installing Global Protect VPN – Mac/Linux
Installing Global Protect VPN – Windows
Connecting Chromebook to the GlobalProtect network
User FAQs regarding the updated service provider:
Faculty, staff, and student customers who are currently using the legacy SSLVPN will no longer be able to connect and must switch to the GlobalProtect VPN client beginning on March 19 at 10:00 pm.
Access to the legacy SSLVPN service will only be accessible by FID accounts.
The legacy SSLVPN service remains critical for a small number of use cases.
Updates are being made to ITS knowledge base articles and web resources to direct faculty, staff, and students to the GlobalProtect VPN service as the successor to SSLVPN.
Access to library resources will require users to sign on using their network ID (NID) and password.
Individuals wishing to access WSU resources via VPN who have a Friend ID, including visiting scholars, vendors, and other WSU associates, please continue to use the Cisco SSL/VPN as shown below. All current students, faculty, and staff please use the GlobalProtect tools for Mac or Windows that are available via the links above.
Washington State University offers SSL VPN access for those departments and users that require secure remote user access to specific, restricted university services and data. The SSL VPN service provides authenticated and encrypted access to resources such as the administration of departmental servers, administrative systems and applications, and/or systems that house sensitive information.
The SSL VPN service uses the Cisco AnyConnect client over SSL (Secure Socket Layer). Use of the WSU SSL VPN service requires the installation of the Cisco SSL VPN AnyConnect Mobility client. Users are able to manually download and install the mobility client for desktops and laptops from the following location: SSL VPN Client Download.
(Users of mobile devices, tablets, etc. will need to download AnyConnect Mobility clients from their local app stores, as these are not provided by WSU. )
SSLVPN
OS Requirements & Client Download Information
Installation Instructions
Remote Desktop Instructions
SSL VPN
Audience
All sponsored contractors, vendors, guests and any others (including 3rd parties) requiring remote access
Currently Supported Operating Systems
Windows 7, 8, 8. 1, and 10 (32 and 64 bit)
Mac OS X 10. 8, 10. 9, 10. 10, and 10. 11
Ubuntu 12. 04 (LTS), 14. 04 (LTS) (64 bit only)
(other linux distributions may work as well but are untested)
RedHat Linux 6 and 7
And many smartphones or tablets
Scope
The SSL VPN service allows secured communication from remote sites to the WSU campus. The SSL VPN service establishes a split tunnel that will route traffic intended for WSU over a secured link and provide a separate path for all other traffic via the local service provider’s internet connection.
Examples of where the SSL VPN service are required:
Where secure communications to restricted information at WSU is needed
At home or traveling and needing access to secure WSU services
Administrators at WSU who need secure remote communications to their on-campus equipment and services
Examples where the SSL VPN service is not required:
Applications that are in use by a large number of users
Applications that have little to no access restrictions
Standards
The WSU SSL VPN service can only be initiated from networks off the Pullman campus.
Custom Active Directory attributes are created for SSL VPN users upon registration. Faculty, staff, student or third party individuals are granted access to the SSL VPN service if they have a current active status with WSU. These attributes are systematically reviewed and updated daily.
Users will authenticate with their WSU NID or FID.
WSU reserves the right to remove users from the SSL VPN users group. Users who have been removed and later determine they need access may request through Coug Tech that they be given access again.
Security Notes
Active SSL VPN connections must never be left unattended.
Always disconnect an active SSL VPN connection when finished with a session.
Connections that remain idle (no interaction) for 30 minutes, will be automatically disconnected.
Login again to reconnect.
WSU recommends the use of local host firewalls for enhanced security.
Computers should have the latest service packs, critical updates, and security patches before connecting to the SSL VPN.
Anti-virus software must be enabled with up-to-date virus definitions installed.
Procedures to Connect
Make sure your system satisfies the SSL VPN operating system and browser requirements
Complete the Mandatory one time self-registration
Connect to the WSU SSL VPN Service
Follow prompts for one time client installation
SSL VPN Client Download for pre-installation on appropriate systems.
Policy
The WSU SSL VPN service will provide users secure and encrypted access to restricted WSU resources when connected to the internet from outside of the domain. SSL VPN is intended to provide authenticated/encrypted access to restricted resources. Users who access WSU resources via the SSL VPN are subject to the same policies as users within the domain.
Compliance
All parties as delineated under Audience are required to comply with this that all network activity while connected to the traditional or SSL VPN is subject to the University’s normal acceptable use policies.
Individuals who discover or strongly suspect the violation of this policy must promptly notify the IT Security Office at
509-335-HELP(4357) (8:00am – 5:00pm) or
SSL VPN Client Download & Set-up
Mobile Requirements
DeviceOS
iPad Air7. 0 or later
iPad 26. 0 or later
iPad (3rd generation)6. 0 or later
iPad (4th generation)6. 0 or later
iPad mini6. 0 or later
iPad mini (with Retina display)7. 0 or later
iPhone 3GS6. 0 – 6. 1. 6
iPhone 46. 0 – 7. 2
iPhone 4S6. 0 or later
iPhone 56. 0 or later
iPhone 5C7. 0 or later
iPhone 5S7. 0 or later
iPhone 68. 0 or later
iPhone 6 Plus8. 0 or later
iPod Touch (4th generation)6. 16
iPod Touch (5th generation)6. 0 or later
ATT Tilt 3. 57. 502. 2 WWE Note: TouchFLO must be dows Mobile 6. 1 Professional
Axim X51v with ROM: A03 (23092007Windows Mobile 6. 0 Classic
HTC Touch ProWindows Mobile 6. 1 Professional
HTC TouchWindows Mobile 6. 0
HTC ImagioWindows Mobile 6. 5
HTC Tilt 2
HTC TyTNWindows Mobile 5. 0
iPAQ 2790Windows Mobile 5. 0 PocketPC
Palm Treo 700wx: Windows Mobile 5. 0+AKU2 PDA Phone
Sprint TREO 700WX-1. 15-SPNT
Palm Treo 750: Windows Mobile 6. 0 Professional
AT&T TREO750-2. 27-RWE
AT&T TREO 750-2. 25-ATT
T-Mobile TREO750-2. 27-RWE
Palm Treo 800-Sprint Treo 800w-1. 03-SPNTWindows Mobile 6. 1 Professional
Palm Treo Pro: Windows Mobile 6. 1 Professional
AT&T T850UNA-1. 01-NAE
Sprint T850EWW-1. 03-SPT
T-Mobile T850UNA-1. 01-NAE
Samsung Windows Mobile 6. 1 Professional
Epix SGH-i907
Omnia SCH-i910
Saga SCH-i770
Samsung Omnia Pro 4Windows Mobile 6. 5
Sprint Touch with ROM: 3. 03. 651. 4 Windows Mobile 6. 1 Professional
Note: TouchFLO must be disabled.
T-Mobile Wing 4. 26. 531. 1 WWEWindows Mobile 6. 0 Professional
Verizon XV6800 with ROM: 1. 00. H: Windows Mobile 6. 0 P
Verizon 2. 09. 605. 8
Verizon 3. 1
Workstation Requirements
Operating SystemRequirement
WindowsSystem RequirementsPentium class processor or greater
100 MB hard disk space
Microsoft Installer, version 3. 1
Windows 7, 8, 8. 1, and Windows 10 x86 (32-bit) or x64 (64-bit)
Internet Explorer 6. 0 is no longer supported
Cisco will not offer Windows XP and Vista as a supported operating system for present or future AnyConnect releases.
AnyConnect is not supported on Windows RT. There are no APIs provided in the operating system to implement this functionality. Cisco has an open request with Microsoft on this topic.
Mac OSOS RequirementsMac OS X 10. 10 and 10. 11
Max OS X Support Notes
Mac OS X 10. 5, 10. 6, and 10. 7 are no longer supported by Cisco.
AnyConnect requires 50MB of hard disk space.
To operate correctly with Mac OS X, AnyConnect requires a minimum display resolution of 1024 by 640 pixels. Mac OS X 10. 8 introduces a new feature called Gatekeeper that restricts which applications are allowed to run on the system. You can choose to permit applications downloaded from:
Mac App Store
Mac App Store and identified developers
Anywhere
The default setting is Mac App Store and identified developers (signed applications). AnyConnect release 4. 1 is a signed application, but it is not signed using an Apple certificate. This means that you must either select the Anywhere setting or use Control-click to bypass the selected setting to install and run AnyConnect from a pre-deploy installation. Users who web deploy or who already have AnyConnect installed are not impacted. For further information see:
LinuxOS Requirements
x86 instruction set.
64-bit processor.
32 MB RAM.
20 MB hard disk space.
Superuser privileges are required for installation.
libstdc++ users must have (GLIBCXX_3. 4) or higher, but below version 4.
Java 5 (1. 5) or later. The only version that works for web installation is Sun Java. You must install Sun Java and configure your browser to use that instead of the default package.
zlib – to support SSL deflate compression
xterm – only required if you’re doing initial deployment of AnyConnect via Web launch from ASA clientless portal.
gtk 2. 0. 0.
gdk 2. 0
libpango 1. 0 or a compatible build such as package or
iptables 1. 2. 7a or later.
tun module supplied with kernel 2. 4. 21, 2. 6
Web based installation of the sslvpn client utilizes either ActiveX (with IE) or Oracle Java to download and install the clients. Because of the numerous security issues that Java and ActiveX poses, it is highly recommended that users download the clients from the following web page and manually install them and not have to deal with Java or ActiveX.
OneDrive
OneDrive – What do you get?
OneDrive Limitations
OneDrive – Sharing Your Files and Folders with Others
Accessing your OneDrive Files and Folders via a Web Browser
Restore/View previous version of documents in OneDrive
Add and sync shared folders to OneDrive
Managing OneDrive Space and Sync Folders
Office 365
Office 365 Applications – What do you get?
List of Office 365 Applications Available by Device
Co-Editing Word, Excel and PowerPoint files between Teammates
Compatibility Matrix for Office 365 Click-to-Run and Visio/Project Standalone Installations
Using Office Online via a Web Browser
Deactivating Office 365 for a Windows PC or Mac
Power BI
What is Power BI?
Using Power BI Online via a Web Browser
Power BI Tutorials
SSL-VPN Help – ESDWAGOV
Make sure you have remote access
If you do not have remote access, please visit the Remote Access/VPN section on InsideESD to get started.
Activating soft token
If you already have ESD network remote access, activating your soft token is a simple four-step process:
Open the RSA application icon on your smart device. It may appear as an ‘i’ in the lower right corner of your device.
Touch the Email button on the ‘Device ID’ screen and send the information to “ESD DL ITBI Security”.
Once Information Security gets the email, they will send an activation request to CTS.
Within 10 working days, Information Security will contact you and send you an email with your soft token for your smart device
The soft token application won’t open.
Uninstall and then reinstall the RSA application. If you have a smart device, look in your devices “Play Store” to find a new RSA application.
If you have a laptop or desktop computer, contact the Service Desk at 1-877-397-1212 for assistance.
The RSA soft token application is missing.
The token passcode isn’t recognized in the login process.
Is there a space between the two sets of numbers? If so, remove it. Try retyping the passcode (no space).
My new PIN doesn’t work.
Soft token PINs must be 5-numbers long ( no letters), and cannot start with zero (0). Double check your PIN and try again. If it still doesn’t work contact the Service Desk at 1-877-397-1212 for assistance.
My VPN connection doesn’t work.
This could be for a variety of reasons, including:
PIN Number: 5-numbers long, cannot start with zero (0), and can only contain numbers. Try again.
Password Lockout – this happens after your fourth attempt. Contact the Service Desk at 1-877-397-1212 to reset your password.
Did your smart device or laptop change recently? Soft token is assigned to a specific device, so if you have been assigned or are using a new/replacement device, your remote access won’t work until the token is reassigned. Contact the Service Desk at 1-877-397-1212 for assistance.
The VPN login process froze up in mid-stream.
This could be for several reasons;
Laptop or desktop computer: Internet Explorer 8 or higher must run in Compatibility mode:
Note: The ‘broken document’ button only appears when going to an ‘’ URL. This button will appear pushed in when activated.
Laptop or desktop: Specific browser settings need to be activated. Select ‘Tools/Internet Options, then go to the ‘Advanced’ tab. Ensure the following five settings are checked on:
TLS1. 0
TSL1. 5
SSL1. 0
SSL2. 0
SSL3. 0
iPhone: Browser Popup Blocker may be turned on:
Click on ‘Tools’
Highlight ‘Pop-up Blocker’
Turn off ‘Pop-up Blocker’
Still not working? Contact the Service Desk at 1-877-397-1212 for assistance.
I received a ‘The user name or password is incorrect’ or ‘The system could not log you on’ message when remotely accessing and logging onto my computer.
Ensure you are using your regular Windows/Network user name and password when remotely accessing and logging onto your work PC/laptop; the same way you would if you were at your normal workstation. Your user name is typically a combination of your first initial and last name.
Example: John Brown’s user name would be JBrown.
I’ve entered my password too many times and am locked out.
Contact the Service Desk at 1-877-397-1212 or create a Remedy ticket to have your password reset.
I’ve forgotten my password.
I have authenticated through the SSL VPN system and I’m at the ‘Welcome’ screen. I can’t get the Remote Desktop Protocol (RDP) to work (‘Terminal Session’ on the bar across the Welcome screen).
You will need to configure the terminal services:
You’ll need your FQDN (fully qualified domain name: esd1 + IT number + example:).
IT number (orange tag on your desktop tower or laptop)
Client port # is 3389
Color (dropdown) – choose 32bit and save (for iPhones, must use 32 bit Internet Explorer to run Juniper)
Remote access doesn’t work on my laptop.
This could be for several reasons:
Using Internet Explorer 8, 9 or 10 requires browser be set to ‘Compatibility Mode’.
Active Directory security group is not connected.
Service provider issue (i. e., Comcast, other provider).
Internet device not working (i. e., aircard, Wi-Fi device).
No service. Remote access won’t work if your internet connection is down.
Also see: VPN home | Soft token install | VPN information