Using the university VPN (Linux)

The U-M VPN is available to all University of Michigan students, faculty, and staff who have a valid U-M uniqname and Kerberos password.

We have provided separate articles for configuring the VPN in other environments, such as on Mac and Windows computers. In addition, ITS has setup instructions linked from their Getting Started page.

Objective

Connect a Linux machine to the VPN service provided by University of Michigan ITS.

Environment

Linux

Procedure

Although ITS provides the Cisco VPN client for Linux, we have found that the VPN functionality provided natively in Linux, via vpnc and NetworkManager, is sufficient and arguably easier to use. However, vpnc packages may not be readily available on all distributions.

 Note
We now recommend the Cisco AnyConnect client provided by ITS for all versions of Linux, due to its integration with Duo 2FA among other things.

Cisco AnyConnect initial setup

After installing the Cisco AnyConnect VPN client for the first time, you may need to provide the gateway in the field labeled "Connect to".  Enter "umvpn.umnet.umich.edu". After doing this, you should have access to the various connection profiles.

 Caution
You may have trouble making a connection if you are not the only user logged in on the system. If the AnyConnect client does not connect, try switching users and logging out from the other active account.
 Tip
For best performance when working remotely, choose "UMPVN - Only U-M Traffic".

Configuring the vpnc client

  1. Depending on distro:
    • RHEL/CentOS/Fedora users — Verify that the packages vpnc, NetworkManager-vpnc, and NetworkManager-vpnc-gnome are installed. Run yum install vpnc NetworkManager-vpnc NetworkManager-vpnc-gnome if they are missing.
    • Ubuntu users — Verify that the packages network-manager-vpnc and network-manager-vpnc-gnome are installed. Run apt install network-manager-vpnc network-manager-vpnc-gnome if they are missing.
  2. Find and open the NetworkManager setup applet. The specific location will depend on the distro and desktop environment, but it will be something like Settings > Network Connections.
  3. Click the + button to add a VPN connection, and choose "Cisco Compatible VPN (vpnc)."
  4. Enter the following information:
    • Name — Enter a name for the connection, such as U-M VPN. It can be whatever you prefer.
    • Gateway — Enter umvpn.umnet.umich.edu exactly as shown.
    • User name — Enter your uniqname.
    • User password — Enter your UMICH password.
    • Groupname — Enter either UM-off-campus-access (only U-M traffic goes over the tunnel) or UM-on-campus-wireless (all traffic goes over the tunnel). If you are off campus, be sure to use the "UM-off-campus-access" profile, to reduce the load on the university networks.
    • Group password — Enter the password, WseaTBed!.
  5. Click Apply or Save.
 Note
In order to enter passwords in the fields mentioned above, you may need to click the ? in the password field, and select a password policy.

Alternatives

Additional notes

Details

Article ID: 1787
Created
Wed 5/27/20 10:58 AM
Modified
Wed 7/28/21 10:33 AM