Setting Up VPN with Two-Step Verification
A Virtual Private Network (VPN) creates a secure connection between devices and University resources by creating an “encrypted tunnel” for the data communication. Many University resources require a VPN connection except when connected via the wired network.
VPN is accessible via Harvard Key and Two-Step Verification at: https://vpn.harvard.edu.
- What if I already have a Cisco VPN client installed?
Please contact the ITS Service Desk for assistance with configuring and using the Harvard VPN if you have another organization’s or an older Cisco VPN client installed on your computer.
- I am at the log on page - How do I install the VPN client software?
If you have the VPN installed, please skip this section.
- Log on to the VPN web page using
- HarvardKey Username + Tunnel name
- For example, if your HarvardKey username is jharvard@law.harvard.edu, and you are connecting to the LAW tunnel, you would enter jharvard@law.harvard.edu#LAW
- What tunnel should I use:
- #LAW – HLS Faculty and Staff
- #LAWSTUDENT – HLS Students
- #LAWREVIEW – Harvard Law Review associated users
- HarvardKey Password
- Two-Step Verification Code (or leave blank to push request to your default device)
- HarvardKey Username + Tunnel name
- Installing:
- Automatically:
- If this is your first time connecting using AnyConnect, you will be prompted to allow the download and installation of the AnyConnect client. Please allow the installation of the AnyConnect client to complete. It may take a few minutes for the client to download and launch from your computer.
- If you have previously connected using AnyConnect, the AnyConnect client will automatically launch and establish your VPN connection. If the client has been updated since your last connection this may take a few minutes.
- Manually:
- If you are not prompted to download, and the client does not start automatically, please click the link underneath “Install using the link below:”
- Run the downloaded file to install the VPN software
- Automatically:
- Connecting – See next FAQ
- Log on to the VPN web page using
- How do I connect using the VPN client software?
- Connecting:
- Ensure that vpn.harvard.edu is listed in the drop-down box for where to connect
- If it is not listed, you will have to enter it if the space is blank
- If the space is not blank, please see the ITS Service Desk to properly configure the VPN for use
- Click Connect
- Enter your HarvardKey Username + Tunnel name, HarvardKey Password, and Two-Step Verification Code (or leave blank to push request to your default device).
- Username example, if your HarvardKey username is jharvard@law.harvard.edu, and you are connecting to the LAW tunnel, you would enter jharvard@law.harvard.edu#LAW
- What tunnel should I use:
- #LAW – HLS Faculty and Staff
- #LAWSTUDENT – HLS Students
- #LAWREVIEW – Harvard Law Review associated users
- Ensure that vpn.harvard.edu is listed in the drop-down box for where to connect
- You will be presented with an accept box to finalize your connection to the VPN
- If you do not receive an accept box, please check your credentials and try again. If you continue to experience issues and you can log into other Harvard Central resources, please contact the ITS Service Desk.
- Disconnecting – After using the VPN, please disconnect:
- The AnyConnect icon is located in the Mac menu bar or Windows system tray. To end your VPN session, right-click on the AnyConnect icon, and select “Disconnect.”
- Connecting:
- Is the data encrypted?
As the computer receives a Harvard IP address, security protocols used by HLS ITS treat the computer as if it was physically connected to the wired network. Data between a computer on a VPN and the HLS network is encrypted and can be considered secure. Network traffic is encrypted between the computer and the VPN gateway. VPN also allows for secure wireless networking on the HLS wireless network.
- Can I use VPN to register my computer for use on the campus network?
No – the only service not permitted via VPN is network registration of a computer. Even if your computer hasn’t been registered, you can still use the VPN on the guest wireless network and while off campus.