Setup Procedure of HKUVPN with Multi-Factor Authentication (MFA) for iOS Devices

1. Prerequisite

  1. MFA authentication (MFA) is required for accessing the HKUVPN service.
  2. Only the Microsoft Authenticator App or SMS (Phone Text) are supported as sign-in methods for logging into the HKUVPN service. The phone call method is NOT compatible with HKU VPN. Please refer to the appendix for instructions on changing your default sign-in method to a supported option.
  3. Cisco Secure Client (Formerly AnyConnect Secure Mobility Client) is required to run on iOS devices with iOS 10 or above. Please uninstall any earlier version of Cisco Anyconnect VPN client from your device before you start the following installation.

2. Configuration Procedures (to be done once only)

  1. Go to App Store.

    download

  2. Type“cisco secure client” under the search box.

    Type“cisco secure client” under the search box.

  3. Tap Getnext to Cisco AnyConnect to download the app.

    Tap Getnext to Cisco AnyConnect to download the app.

  4. Double-click side buttonto kick off the installation.

    Double-click side buttonto kick off the installation.

  5. After installation, open Cisco AnyConnect.

    After installation, open Cisco AnyConnect.

  6. Tap Allow to allow the Notification.

    Tap Allowto allow the Notification.

  7. To add a VPN profile, tap Connectionsand tap Add VPN Connection….

    To add a VPN profile, tap Connectionsand tap Add VPN Connection….

    To add a VPN profile, tap Connectionsand tap Add VPN Connection….


  8. Under Add VPN Connection
    1. Type“HKU VPN” in the Description field.
    2. Type“vpn2fa.hku.hk” in the Server Address field.
    3. Tap Save to complete.

      Tap Save to complete.

  9. Tap Allow to add VPN configurations to your device

    Tap Allow to add VPN configurations to your device

 

3. Connection Procedures

  1. Tap AnyConnect icon on your device to open the VPN client.

    icon

  2. Slide the button next to AnyConnect VPN to get connect to HKUVPN.

    Slide the button next to AnyConnect VPN to get connect to HKUVPN.

  3. Enter your HKU email address (UID@hku.hk or UID@connect.hku.hk)and PIN in the Username and Password fields respectively and tap Connect.

    Enter your HKU email address (UID@hku.hk or UID@connect.hku.hk)and PIN in the Username and Password fields respectively and tap Connect.

  4. (i) For users who choose Microsoft Authenticator App as the default sign-in method (The most common method):
    • Open the Microsoft Authenticator app on your mobile device.
    • Retrieve the One-time password (OTP).

      Retrieve the One-time password (OTP).

     (ii) For users who choose SMS (Phone Text) as the default sign-in method:

    • You will receive an SMS containing the One-time password (OTP) on your registered phone number.
    • The OTP is valid for 3 minutes from the time it is sent. Retrieve the OTP from the SMS.

      The OTP is valid for 3 minutes from the time it is sent. Retrieve the OTP from the SMS.

  5. The 6-digit One Time Password (OTP) in the Answer box and click Continue.

    The 6-digit One Time Password (OTP) in the Answer box and click Continue.

  6. You are now connected to HKUVPN.

    You are now connected to HKUVPN.

  7. To disconnect from HKUVPN server, slide the button next to AnyConnect VPN.

    To disconnect from HKUVPN server, slide the button next to AnyConnect VPN.

  8. You are now disconnected from HKUVPN server.

    You are now disconnected from HKUVPN server.

Appendix: (Optional Step) Updating the Default Sign-in Method in MFA

  1. Visit your Microsoft 365 account settings at https://myaccount.microsoft.com/
  2. Sign in using your HKU credentials.
  3. Go to the “Security info” section.
  4. Set “App-based authentication – Notification” as your default sign-in method under the section titled “You’re using the most advisable sign-in method where it applies.”

    Set "App-based authentication - Notification" as your default sign-in method under the section titled "You’re using the most advisable sign-in method where it applies."
0
0