Overview
VPN is a useful way to make a secure connection to the Cornell network remotely or utilizing a wireless connection. Another benefit of VPN is the ability to see your server shares, printers, and other Cornell resources without remotely connecting to an on-campus computer (more configuration is necessary past this documentation). Two-Step VPN goes one-step further in verifying that the person who is attempting to make a VPN connection is who they say they are. Below are instructions on how to make a successful VPN connection to the Cornell network using either a Windows or Mac computer.
1) Access The Cisco VPN Software
Windows
On the bottom right hand side on the desktop, click on the up arrow (near the clock) then select Cisco AnyConnect. The icon will look like a small globe. Alternatively, if the Cisco AnyConnect icon is not available after clicking on the arrow, you can find it by clicking on the Start menu 
on the far left hand side on the desktop. After clicking on Start, scroll down the alphabetical list and find Cisco -> Cisco AnyConnect Secure Mobility Client. Download and install the Cisco VPN client if your device does not have it. Please note that you will need administrative rights to install Cisco AnyConnect on your device.
Mac
On the desktop go to Go -> Applications – Cisco AnyConnect Secure Mobility Client. Click here to install the client. If the Go menu item is not visible, click once on an empty spot on the desktop.
2) Connect to VPN
The Cisco AnyConnect Secure Mobility Client pop-up box will appear. To the left of Connect, verify that cuvpn.cuvpn.cornell.edu is entered. If it is, click Connect.
3) Login To Two-Step VPN
A dialog box will appear with the heading Cisco AnyConnect | cuvpn.cuvpn.cornell.edu.Use the following options to connect:
Group = Select Two-Step_Login from the drop down menu.
Username = yournetid@IL-VPN (this is case sensitive so use capital letters for IL-VPN).
Password = your netid/email password.
DUO Passcode(push/sms/phone):
push: When typing push, a notification will be sent to your DUO Mobile app on your Smartphone.
sms: When typing sms, ten unique sets of numbers will be sent via text message to your Smartphone. Any of these codes can be used for twenty-four hours. Each code can only be used once.
phone: when typing phone, the default phone number setup in your two-step device management will ring to verify your identity.
4) Successful Connection Verified
Windows
The Cisco AnyConnect connected pop-up box will appear on the bottom right on your desktop verifying you’ve successfully connected to Two-Step VPN.
To double-check you’re still connected to VPN, click on the up arrow on the bottom right near the clock and look for an image of a lock over the top of a globe.
Mac
On the top right of the screen on the desktop (near the clock) a pop-up box will appear indicating a successful VPN connection.Also, at the top of the screen on the desktop near the clock, you can double check that you’re currently connected to VPN by looking for an image of a globe with a lock just to the right of the globe.
5) Disconnect
Windows
To disconnect from VPN, click on the up arrow by the clock -> select the image of the globe with a lock. The Cisco AnyConnect Secure Mobility Client pop-up will appear. Click Disconnect.
Mac
On the desktop, select the image of a globe with a lock at the top of the screen.A drop-down menu will appear. Choose Disconnect.
