Setting Up VPN with Two-Step Verification

Please contact the ITS Service Desk for assistance with configuring and using the Harvard VPN if you have another organization’s or an older Cisco VPN client installed on your computer.

If you have the VPN installed, please skip this section.

1. Log on to the VPN web page using
   1. HarvardKey Username + Tunnel name
      1. For example, if your HarvardKey username is jharvard@law.harvard.edu, and you are connecting to the LAW tunnel, you would enter jharvard@law.harvard.edu#LAW
      2. What tunnel should I use:
         • #LAW – HLS Faculty and Staff
         • #LAWSTUDENT – HLS Students
         • #LAWREVIEW – Harvard Law Review associated users
   2. HarvardKey Password
   3. Two-Step Verification Code  (or leave blank to push request to your default device)
2. Installing:
   • Automatically:
     • If this is your first time connecting using AnyConnect, you will be prompted to allow the download and installation of the AnyConnect client. Please allow the installation of the AnyConnect client to complete. It may take a few minutes for the client to download and launch from your computer.
     • If you have previously connected using AnyConnect, the AnyConnect client will automatically launch and establish your VPN connection. If the client has been updated since your last connection this may take a few minutes.
   • Manually:
     • If you are not prompted to download, and the client does not start automatically, please click the link underneath “Install using the link below:”
     • Run the downloaded file to install the VPN software
3. Connecting – See next FAQ

1. Connecting:
   • Ensure that vpn.harvard.edu is listed in the drop-down box for where to connect
     • If it is not listed, you will have to enter it if the space is blank
     • If the space is not blank, please see the ITS Service Desk to properly configure the VPN for use
   • Click Connect
   • Enter your HarvardKey Username + Tunnel name, HarvardKey Password, and Two-Step Verification Code (or leave blank to push request to your default device).
     1. Username example, if your HarvardKey username is jharvard@law.harvard.edu, and you are connecting to the LAW tunnel, you would enter jharvard@law.harvard.edu#LAW
     2. What tunnel should I use:
        1. #LAW – HLS Faculty and Staff
        2. #LAWSTUDENT – HLS Students
        3. #LAWREVIEW – Harvard Law Review associated users
2. You will be presented with an accept box to finalize your connection to the VPN
   • If you do not receive an accept box, please check your credentials and try again. If you continue to experience issues and you can log into other Harvard Central resources, please contact the ITS Service Desk.
3. Disconnecting – After using the VPN, please disconnect:
   • The AnyConnect icon is located in the Mac menu bar or Windows system tray. To end your VPN session, right-click on the AnyConnect icon, and select “Disconnect.”

As the computer receives a Harvard IP address, security protocols used by HLS ITS treat the computer as if it was physically connected to the wired network. Data between a computer on a VPN and the HLS network is encrypted and can be considered secure. Network traffic is encrypted between the computer and the VPN gateway. VPN also allows for secure wireless networking on the HLS wireless network.

No – the only service not permitted via VPN is network registration of a computer. Even if your computer hasn’t been registered, you can still use the VPN on the guest wireless network and while off campus.