Setup Procedure of HKUVPN with 2-Factor Authentication (2FA) for Mac OS X

1. Prerequisite

  1. 2-factor authentication (2FA) is required for accessing the HKUVPN service.  
  2. Please uninstall any earlier version of Cisco Anyconnect VPN from your Mac before you start the following installation.

2. Configuration Procedures (to be done once only):

The following steps are illustrated using Mac OS.
  1. Download the VPN client for Mac from here.
  2. (Optional step) Depending on your browser setting, your computer may automatically mount the dmg to your desktop. To manual mount the setup disk, double click the anyconnect-.dmg file and a volume disk labeled with AnyConnect- will appear on your desktop.
  3. double click the anyconnect-.dmg file and a volume disk labeled with AnyConnect- will appear on your desktop
  4. Double click the volume disk AnyConnect- and click AnyConnect.pkg to start the installation process.
  5. Double click the volume disk AnyConnect- and click AnyConnect.pkg
  6. Click the Continue button.
  7. Click the Continue
  8. Click the Continue button.
  9. Click the Continue
  10. Click the Agree button to accept the license terms.
  11. Click the Agree button
  12. Check “VPN” package only and uncheck other packages including “Web Security”, “AMP Enabler”, “Diagnostics and Reporting Tool”, “Posture” and “ISE Posture”, “Network Visibility” and Umbrella Roaming Security”.  Click the Continue button.Check “VPN” package only and uncheck other packages
  13. Click the Install button.
  14. Click the Install button
  15. Depending on your computer settings, you may be asked to allow the installation of VPN client. If the following dialogue box is shown, type the username and password of your Mac in the Username and Password fields respectively. Click the Install Software button.
  16. type the username and password of your Mac in the Username and Password fields respectively. Click the Install Software button
  17. Click Close button to complete the installation.
  18. Click Close button to complete the installationBelow steps are required in MacOS 11.x (Big Sur) or later only. After the release of MacOS Big Sur, the AnyConnect VPN client must be allowed in System Extension
    • After installing Cisco AnyConnect, click Open Security Preferences when the System Extension Blocked pop-up appears.
    • click Open Security Preferences when the System Extension Blocked pop-up appears
    • Click the Lock Icon to unlock the settings for changes in Security & Privacy Window
    • Click the Lock Icon to unlock the settings for changes in Security & Privacy Window
    • Type the username and password of your Mac in the Username and Password fields respectively. Click the Unlock button.
    • Type the username and password of your Mac in the Username and Password fields respectively. Click the Unlock button
    • Click Allow button next to message of System software from application “Cisco AnyConnect Socket Filter” was blocked from loading
    • Click Allow button next to message of System software from application “Cisco AnyConnect Socket Filter” was blocked from loading

3. Connection Procedures

  1. Select Go and choose Applications.
  2. Select Go and choose Applications
  3. The VPN Client is installed in /Applications/Cisco/Cisco Anyconnect Secure Mobility Client. Double click Cisco Anyconnect Secure Mobility Client to launch the VPN client.
  4. Double click Cisco Anyconnect Secure Mobility Client to launch the VPN client
  5. Enter vpn2fa.hku.hk and click Connect button.
  6. Enter vpn2fa.hku.hk and click Connect button
  7. Enter your HKU Portal UID and PIN in the Username and Password fields respectively and click OK button.
  8. Enter your HKU Portal UID and PIN in the Username and Password fields respectively and click OK button
  9. (i) Applicable to staff/students who choose EMAIL TOKENYou will receive an email containing the 6-digit email token to your registered alternate email address. The token is valid for 5 minutes after its sent out time.

    You will receive an email containing the 6-digit email token to your registered alternate email address

    (ii) Applicable to staff who choose APP TOKENPlease retrieve the app token from your mobile device. The token is valid for 1 minute after it is obtained.Note: For installation of the mobile app, please refer to here.

    On Android devices-On iOS devices-
    • Open FortiToken Mobile.
    • Open FortiToken Mobile
    • Open FortiToken.
    • Open FortiToken
    • Enter your PIN of 4 digits to unlock the app.
    • Enter your PIN of 4 digits
    • Enter your PIN of 4 digits to unlock the app.
    • Enter your PIN of 4 digits
    • App token will be retrieved.
    • App token will be retrieved
    • App token will be retrieved.>
    • App token will be retrieved
  10. Enter the 6-digit One Time Password in the Answer box and click Continue.
  11. Enter the 6-digit One Time Password in the Answer box and click Continue
  12. After successful connection, a VPN Logo with padlock will appear.
  13. After successful connection, a VPN Logo with padlock will appear
  14. Click the VPN icon and click Disconnect to disconnect from HKUVPN Server.
  15. Click the VPN icon and click Disconnect
3
11

Latest News

     

    Knowledge Base