OIT Information Security Links
 

Virtual Private Network (VPN)

FortiClient logo

The Florida Atlantic University Virtual Private Network (VPN) creates a secure, encrypted connection between your device and the FAU network, and enables access to certain University resources from outside networks.

FAU's VPN supports Windows 10 and later, Mac OSX 11 and later, and newer releases of Linux including Ubuntu, Debian, and RockyLinux. If you would like to request VPN access, please open a service request at the FAU Help Desk.



VPN Types

BASIC VPN

Basic VPN is applicable to most faculty and staff with University-owned and personally owned devices, and provides access to the following services:

  • Remote access to on campus desktops, laptops, and non-public VDI infrastructure using Remote Desktop (RDP) or Secure Shell (SSH)
  • Access to basic FAUANDI shares
  • Access to Banner
  • Access to export Workday reports
  • Limited access to certain non-sensitive services
ADVANCED VPN

In some circumstances, additional approvals and justification will be required to be able to utilize the Advanced VPN based on user classification.

If the Advanced VPN is installed on a personal device, the Advanced VPN client will have access to data on the personal device. There is no expectation of privacy and FAU assumes no liability for damage to personal devices where the Advanced VPN is installed. For these reasons, the Advanced VPN is only permitted on University-owned devices except in limited circumstances. Employees cannot be compelled to install the Advanced VPN client on their personal devices.


How to Access FAU's VPN Network

Once your VPN access has been approved, please download & install the VPN Client Software installation file that is appropriate for your operating system. Be aware that while using the University's VPN:

  • All of your traffic will be routed through FAU while you are connected. If you wish to do non-work tasks such as using streaming services, it is recommended that you disconnect from the VPN first for the best connection speeds to those services.
  • This VPN does not provide direct access for system administration functions, or access to sensitive data outside of Banner and Workday. You will need to connect to an on-campus desktop or VDI session in order to access those resources.
  • There is no session extension. You will need to reconnect when your session expires (10 hours). However, you may disconnect and reconnect as needed prior to the expiration of your session without having to re-authenticate.

Note: You must have multi-factor authentication enabled to use our VPN services. See details below.

Installation Instructions


Backup/Disaster Recovery VPN

VPNo

A backup VPN is located at the Northwest Regional Datacenter (NWRDC). This VPN has the same access as the main VPN detailed above, but it may be used whenever the main VPN is not available or in a disaster recovery situation.

To utilize the backup VPN, modify the gateway to point to https://vpnnw.fau.edu as the connection URL. Please note that this backup VPN connection is slower than the main VPN connection so it should only be used when the main VPN is unavailable.

Note: VPN client upgrades are installed automatically from the server as needed after the initial client installation. These are necessary to keep the client software up to date.


Common Questions & Answers

Can I use the VPN software on a personal device?

Basic VPN access is currently permitted from a personal device, but access may be restricted based on the security of your device. If you need to work with sensitive university data, you will need to remote into a University assigned device on campus such as your desktop or laptop.

Can students request access to the VPN?

Students are generally not permitted to have VPN access. VPN access is intended for administrative tasks that are not available to the public. However, FAU does have a special network called the academic network. The academic network allows devices to be placed in a special network for academic purposes such as research and collaboration with researchers at other institutions. However, the academic network has limited access to the rest of the FAU network.

Users wishing to use this network must request it through the Research Computing group, and devices needing to be accessed from outside the university will need to be moved to the academic network.

Can OPS staff and faculty request access to the VPN?

Yes, non-student OPS staff and faculty may request access to the VPN. However, access is generally only approved for the basic VPN and requires a commitment from the user’s supervisor to immediately inform the security team when access is no longer required.

Will the VPN affect the performance of other network traffic while connected?

Yes. If your device is connected to the VPN, all of your network traffic flows through FAU and will generally be significantly slower. This will impact services such as online games, social media, and streaming media services. For optimal performance, disconnect from the FAU VPN prior to performing those tasks.

The VPN disconnected and I lost my work. Is there something I can do to mitigate this?

Unfortunately, disconnections while infrequent, do occur from time to time. These are generally caused by momentary disruptions from your Internet Service Provider (ISP). Previous versions of the VPN did reconnect automatically in a silent fashion, but this was not very secure. However, there are a few ways to mitigate the impact of this.

If you are connecting to a Linux host remotely, you can use a session-saving program such as tmux or byobu. These may not be installed automatically by your distribution, and you may need to install the software using your package manager.

If you are connecting remotely to a Windows or Mac host, your session should be saved automatically, and you should be able to reconnect.

If you are working directly on a University fileshare, you should save on a regular basis. If you are working with information that is not highly sensitive, you can utilize your University OneDrive to edit these files. VPN is not required to access or work on files stored on your OneDrive. If you have a department share, it may be worthwhile to see about converting the share to Sharepoint or OneDrive. The Help Desk will be able to assist with this process.

I am trying to export a report in Excel or PDF in Workday, but Workday is not giving me that option.

Workday requires that you are connected to the VPN to export. If you do not see the export icons on a report, make sure you are first connected to the VPN and then close all your browser windows, re-open them, and log back into Workday.