1. Prerequisite

  1. 2-factor authentication (2FA) is required for accessing the HKUVPN service.
  2. Please uninstall any earlier version of Cisco Anyconnect VPN client from your PC before you start the following installation.

2. Configuration Procedures (to be done once only)

Note: The following steps are prepared based on Ubuntu 14.04.3 LTS.
  1. Download the VPN client for Linux from here.
  2. Obtain superuser rights to run the installation script. For example-
    sudo bash
  3. Unzip the VPN client with the following command-
    tar zxvf anyconnect-<VERSION>-k9.tar.gz
    The files extracted will be saved to a directory named anyconnect-<VERSION> under the current directory.
  4. Go to VPN client directory and type the following command-
    ./vpn_install.sh
  5. You will be prompted to accept the license agreement as shown below-
    Do you accept the terms in the license agreement? [y/n]
    Press “y” and “Enter” key to accept the license agreement.
  6. After installation is completed, you will see-
    Starting Cisco AnyConnect Secure Mobility Client Agent…Done!
  7. Install the root CA certificates to complete the setup.
    cp /etc/ssl/certs/* /opt/.cisco/certificates/ca/

3. Connection Procedures

3.1 By command line

  1. Start the VPN client by following command-
    /opt/cisco/anyconnect/bin/vpn connect vpn2fa.hku.hk
  2. Enter your HKU Portal UID and PIN when you see the username and password command line.
    Username: Password:
  3. (i) Applicable to staff/students who choose EMAIL TOKENYou will receive an email containing the 6-digit email token to your registered alternate email address. The token is valid for 5 minutes after its sent out time.


  4. vpn_connect_03

    (ii) Applicable to staff who choose APP TOKEN

    Please retrieve the app token from your mobile device. The token is valid for 1 minute after it is obtained.

    Note: For installation of the mobile app, please refer to here.

    On Android devices-On iOS devices-
    • Open FortiToken Mobile
    .vpn_connect_10
    • Open FortiToken.
    vpn_connect_08
    • Enter your PIN of 4 digits to unlock the app.
    2fa_token_01
    • Enter your PIN of 4 digits to unlock the app.
    2fa_token code_02
    • App token will be retrieved.
    vpn_connect_12v
    • App token will be retrieved.
    vpn_connect_13
  5. Enter the 6-digit One Time Password in the Answer command line and press Enter.
    >> Authentication Message>> Please enter your token code:Answer: <6-digit One Time Password>
  6. When connected, you will see-
    >> notice: Establishing VPN…>> state: Connected>> notice: Connected to vpn2fa.hku.hk
  7. To disconnect from VPN connection, type the following command-
    /opt/cisco/anyconnect/bin/vpn disconnect

3.2 By GUI client

  1. Start the VPN client by the following command-
    /opt/cisco/anyconnect/bin/vpnui
  2. Type “vpn2fa.hku.hk” in the Connect to field and click Connect.
  3. linux_2fa_01
  4. Enter your HKU Portal UID and PIN in the Username and Password fields respectively and click Connect.
  5. linux_2fa_02
  6. (i) For students and staff who choose to use email token. You will receive an email containing the 6-digit email token to your registered alternate email address. The token is valid for 5 minutes after its sent out time.vpn_connect_03

    (ii) For staff who choose to use app token, please retrieve the app token from your mobile device. The token is valid for 1 minute after it is obtained.Note: For installation of the mobile app, please refer to here

    On Android devices-On iOS devices-
    • Open FortiToken Mobile.
    • vpn_connect_10
    • Open FortiToken.
    • vpn_connect_08
    • Enter your PIN of 4 digits to unlock the app.
    • 2fa_token_01
    • Enter your PIN of 4 digits to unlock the app.
    • 2fa_token code_02
    • App token will be retrieved.
    • vpn_connect_12v
    • App token will be retrieved.
    • vpn_connect_13
  7. Enter the 6-digit One Time Password in the Answer box and click Continue.
  8. linux+_2fa_04
  9. To disconnect from HKUVPN server, click Disconnect.
  10. linux_2fa_05
0
0

Latest News

    Knowledge Base