1. Prerequisite
- 2-factor authentication (2FA) is required for accessing the HKUVPN service.
Please uninstall any earlier version of Cisco Anyconnect VPN from your Mac before you start the following installation.
2. Configuration Procedures (to be done once only):
The following steps are illustrated using Mac OS.
- Download the VPN client for Mac from here.
- (Optional step) Depending on your browser setting, your computer may automatically mount the dmg to your desktop. To manual mount the setup disk, double click the anyconnect-.dmg file and a volume disk labeled with AnyConnect- will appear on your desktop.
- Double click the volume disk AnyConnect- and click AnyConnect.pkg to start the installation process.
- Click the Continue button.
- Click the Continue button.
- Click the Agree button to accept the license terms.
- Check “VPN” package only and uncheck other packages including “Web Security”, “AMP Enabler”, “Diagnostics and Reporting Tool”, “Posture” and “ISE Posture”, “Network Visibility” and Umbrella Roaming Security”. Click the Continue button.
- Click the Install button.
- Depending on your computer settings, you may be asked to allow the installation of VPN client. If the following dialogue box is shown, type the username and password of your Mac in the Username and Password fields respectively. Click the Install Software button.
- Click Close button to complete the installation.
- After installing Cisco AnyConnect, click Open Security Preferences when the System Extension Blocked pop-up appears.
- Click the Lock Icon to unlock the settings for changes in Security & Privacy Window
- Type the username and password of your Mac in the Username and Password fields respectively. Click the Unlock button.
- Click Allow button next to message of System software from application “Cisco AnyConnect Socket Filter” was blocked from loading
Below steps are required in MacOS 11.x (Big Sur) or later only. After the release of MacOS Big Sur, the AnyConnect VPN client must be allowed in System Extension
3. Connection Procedures
- Select Go and choose Applications.
- The VPN Client is installed in /Applications/Cisco/Cisco Anyconnect Secure Mobility Client. Double click Cisco Anyconnect Secure Mobility Client to launch the VPN client.
- Enter vpn2fa.hku.hk and click Connect button.
- Enter your HKU Portal UID and PIN in the Username and Password fields respectively and click OK button.
- (i) Applicable to staff/students who choose EMAIL TOKENYou will receive an email containing the 6-digit email token to your registered alternate email address. The token is valid for 5 minutes after its sent out time.
(ii) Applicable to staff who choose APP TOKEN Please retrieve the app token from your mobile device. The token is valid for 1 minute after it is obtained. Note: For installation of the mobile app, please refer to here.
On Android devices- On iOS devices- - Open FortiToken Mobile.
- Open FortiToken.
- Enter your PIN of 4 digits to unlock the app.
- Enter your PIN of 4 digits to unlock the app.
- App token will be retrieved.
- App token will be retrieved.>
- Enter the 6-digit One Time Password in the Answer box and click Continue.
- After successful connection, a VPN Logo with padlock will appear.
- Click the VPN icon and click Disconnect to disconnect from HKUVPN Server.
