AWS instances, by default, cannot connect to private campus networks. AWS VPN allows a secure connection from instances to U-M campus private networks. The VPN consists of two tunnels for automatic failover to avoid access interruption to your AWS VPC. ITS provides an option to increase redundancy by using two pairs of VPN nodes over sites. Should one site go offline, the other site will accept traffic. Customers providing a customer facing application or need production availability should use two tunnels.
VPN Support
The UMVPN is automatically installed on all MiWorkspace Mac devices and is used to access your home directory and department drives.
The Cisco AnyConnect Secure Mobility Client is the recommended method for connecting to U-M's Virtual Private Network (UMVPN) on a Mac device. This is the most secure method and is protected by Duo two-factor authentication. If you have a MiWorkspace supported Mac, Cisco AnyConnect is already installed on your device.
By default, when connecting to the UMVPN application (with a client other than the Cisco AnyConnect client or a unit specific profile) Duo will send you a push notification during authentication. If you want to use a different Duo authentication method you can use the Duo Append Mode which allows you to choose from the following options:
The built-in macOS VPN client does not automatically save your login credentials. If you do not wish to re-enter your account name and password each time you connect to a VPN profile, you can save your login credentials. Note that this is not recommended for shared devices with multiple users.
Looking for instructions to connect to the UMVPN? See Connect to UMVPN using macOS Built-In VPN Client.
Overview
This document provides instructions for downloading and installing the Cisco AnyConnect VPN client after the release of macOS Big Sur. Big Sur is macOS 11.0. and now requires users to open security preferences when installing Cisco Anyconnect. This step is required with changes to macOS security.
Notes:
This documentation provides VPN configurations for unmanaged or personal devices (e.g., research users or bring-your-own-device users).
If you use a U-M managed device (e.g. MiWorkspace or Izzy), VPN software and profiles are already configured for you.
Download the Android & Chrome OS Cisco Secure Client (AnyConnect).
Note: If you are using a University of Michigan MiWorkspace managed device, VPN software and profiles are configured for you. Please see MiWorkspace Work Remotely for more information. If you need help connecting to VPN on a managed device, please contact the ITS Service Center. These pages provide VPN configurations for unmanaged devices (e.g.
Download and Configure the VPN Client
Download and install Cisco Secure Client from the App Store.
Open the installed application.
Select Connections, then Add VPN Connection.
Staff, faculty, students, or sponsored affiliates should enter umvpn.umnet.umich.edu as the Server Address in the Connection Editor.
Tap Save.
A pop up opens: "AnyConnect"