Establishing a remote connection (VPN) to an Aalto network
A remote connection, or a VPN connection, enables users to use the services of Aalto University outside of the university's network. At Aalto University, the client available is automatically distributed to all Aalto installed laptops.
The remote connection can also be installed on students’ and employees’ own devices, in which case using the VPN requires the installation of separate client software and the specification of the connection address from the device’s settings.
Aalto VPN servers require Multifactor Authentication (MFA, 2FA) since May 2021. The user will be directed to browser to sign-in and accept MFA. The authentication will continue normally after the acceptance. This change was needed to improve security.
This change does not apply to centrally managed Aalto University laptops apart from Aalto Linux workstation.
When the VPN connection is in use, all of the device's online activity is conducted via the university's servers, which may restrict or slow down the use of local online services.
Aalto's Windows 10 laptops
You can connect to the VPN from the login screen or later when you are already logged in to your computer.
Choose primarily vpn1.aalto.fi or vpn2.aalto.fi
Connect VPN from the computer´s login screen
1. Connect to AnyConnect VPN from the login screen by pressing CTRL+ALT+DEL and clicking the network icon (where the red arrow is pointed)
2. Click the Connect button to start AnyConnect VPN
3. Sign in
Connect VPN when you are already logged in to your computer
1. Open the Start menu by pressing the Windows button, and select Aalto VPN connection (see image below).
2. In the window that opens, choose primarily vpn1.aalto.fi or vpn2.aalto.fi
3. Click Connect.
4. Your laptop has now a remote connection.
When you want to close the connection,
1. Select the arrow in the bottom right bar (item 1. in the image) and the VPN remote connection icon (item 2. in the image).
2. In the window that then opens, select Disconnect.
3. The remote connection has now been closed.
Aalto VPN is not operational in the eduroam network used on Aalto campuses. If, for some reason, you need the VPN connection while on campus, you can use Aalto Open and Cisco’s VPN application, for example.
Aalto's Mac laptops
1. Open the Spotlight search and use the search term Cisco. Select the Cisco AnyConnect Secure Mobility Client application and click it open.
2. The application opens a new window. Make sure that the address in the pull-down box is in the format vpn1.aalto.fi or vpn2.aalto.fi (or vpn.aalto.fi).
3. Press Connect to create a VPN connection.
NOTE! When you open the Cisco application for the first time, it may be updated. If an update is required, you will receive the message below, and the application is updated automatically.
4. When the AnyConnect Secure Mobility Client Downloader window has closed, press the icon that has appeared in the top corner of the screen. This brings out the VPN menu. In this menu, you can, for instance, open the Cisco AnyConnect window where you can check the status of the VPN connection by pressing the Show AnyConnect Window text. You can also close the VPN connection by pressing the Disconnect text below the grey VPN text.
5. The VPN connection has been established when there is green symbol above the lock in the AnyConnect window, and when the text Connected to vpn.aalto.fi is shown below the VPN text.
NOTE! Aalto VPN is not operational in the eduroam network used on Aalto campuses. If you need the VPN connection while on campus, use the aalto open network and Cisco’s VPN connection. You can also use the wireless aalto network, in which case you do not need to use the VPN connection!
Aalto Ubuntu Laptops
Using VPN on Aalto Ubuntu Laptops is possible with OpenConnect client if package "aalto-vpn" has been installed. Using the package, VPN-connection can be established with the client certificate instead of username and password.
The package is set to be installed automatically on Ubuntu Laptops but it is possible that the package is not preinstalled if the laptop has not been connected to Aalto-network for a long while. You may check if the package is already installed using command "dpkg -s aalto-vpn".
If the command gives a line that says "Status: install ok installed" the package is already installed. If the package is not installed, the primary user of the computer may install it using commands:
$ pkcon refresh
$ pkcon install aalto-vpn
After the package is installed, VPN can be used by clicking the arrow on the right-hand side of the top bar, choosing VPN, and choosing "Aalto VPN 1" or "Aalto VPN 2". (picture)
When the VPN-connection has been established "VPN"-icon is displayed on the top bar.
VPN can also be activated from the command line using command:
$ nmcli connection up Aalto\ VPN\ 1
$ nmcli connection up Aalto\ VPN\ 2
Remote connection to students’ and employees’ own devices
A VPN remote connection can be installed on many different devices and platforms. However, the remote connection always requires the installation of the client software and the specification of the connection address from the device’s settings.
The connection address is the same for all platforms: vpn1.aalto.fi or vpn2.aalto.fi (or vpn.aalto.fi)
1. Installation of the client software
- Windows, Mac, Linux computers You can download the Client software from https://download.aalto.fi/ (recommended). The software can also be downloaded from https://vpn.aalto.fi
- Android You can download AnyConnect application for Android devices from Google Play.
- iOS You can download Cisco Secure Client application for iOS devices from Apple’s App Store.
- Windows phones AnyConnect is also available for Windows Phone 8.1 and Windows 10 Mobile devices from Windows Store
2. Establishing a connection
Once you have installed theClient application on your device, enter the connection address as vpn1.aalto.fi or vpn2.aalto.fi (or vpn.aalto.fi). After this, use your own Aalto user ID for the log-in.
Eduroam is an international, academic roaming system that is primarily intended for visitors to Aalto University.
You can use the instructions below to share the wireless network in your phone (iPhone or Android) with your computer (hotspot).
Aalto University has three wireless networks available.
It is easier to use a network drive when you use a link instead of a long file path. There are two convenient ways of making links in Windows: the Favorites-/Quick access unction, and mapping a network drive as a drive letter.
Instructions on how to connect a Mac workstation to a network drive
Multifactor Authentication (MFA, 2FA) is a method of confirming user’s identity with two or more pieces (mobile app) of evidence when signing on to a system or a service.