Two-Step VPN - Windows and Mac


VPN is a useful way to make a secure connection to the Cornell network remotely or utilizing a wireless connection.  Another benefit of VPN is the ability to see your server shares, printers, and other Cornell resources without remotely connecting to an on-campus computer (more configuration is necessary past this documentation).  Two-Step VPN goes one-step further in verifying that the person who is attempting to make a VPN connection is who they say they are.   Below are instructions on how to make a successful VPN connection to the Cornell network using either a Windows or Mac computer.

1) Access The Cisco VPN Software


On the bottom right hand side on the desktop, click on the up arrow (near the clock) then select Cisco AnyConnect.  The icon will look like a small globe.  Alternatively, if the Cisco AnyConnect icon is not available after clicking on the arrow, you can find it by clicking on the Start menu on the far left hand side on the desktop.  After clicking on Start, scroll down the alphabetical list and find Cisco -> Cisco AnyConnect Secure Mobility ClientDownload and install the Cisco VPN client if your device does not have it. Please note that you will need administrative rights to install Cisco AnyConnect on your device.


On the desktop go to Go -> ApplicationsCisco AnyConnect Secure Mobility ClientClick here to install the client.  If the Go menu item is not visible, click once on an empty spot on the desktop.

2) Connect to VPN

The Cisco AnyConnect Secure Mobility Client pop-up box will appear.  To the left of Connect, verify that is entered.  If it is, click Connect.

3) Login To Two-Step VPN

A dialog box will appear with the heading Cisco AnyConnect | the following options to connect:

Group = Select Two-Step_Login from the drop down menu.

Username = yournetid@IL-VPN (this is case sensitive so use capital letters for IL-VPN).

Password = your netid/email password.

DUO Passcode(push/sms/phone):

push: When typing push, a notification will be sent to your DUO Mobile app on your Smartphone.

sms: When typing sms, ten unique sets of numbers will be sent via text message to your Smartphone.  Any of these codes can be used for twenty-four hours.  Each code can only be used once.

phone: when typing phone, the default phone number setup in your two-step device management will ring to verify your identity.

4) Successful Connection Verified


The Cisco AnyConnect connected pop-up box will appear on the bottom right on your desktop verifying you’ve successfully connected to Two-Step VPN.

To double-check you’re still connected to VPN, click on the up arrow on the bottom right near the clock and look for an image of a lock over the top of a globe.


On the top right of the screen on the desktop (near the clock) a pop-up box will appear indicating a successful VPN connection.Also, at the top of the screen on the desktop near the clock, you can double check that you’re currently connected to VPN by looking for an image of a globe with a lock just to the right of the globe.

5) Disconnect


To disconnect from VPN, click on the up arrow by the clock -> select the image of the globe with a lock.  The Cisco AnyConnect Secure Mobility Client pop-up will appear.  Click Disconnect.



On the desktop, select the image of a globe with a lock at the top of the screen.A drop-down menu will appear.  Choose Disconnect.