VPN Secure Access Service

VPN (Virtual Private Network) makes the secured connection to the university network possible from outside. You can open the VPN connection through the portal with a WWW browser and choose according to the need if you are logging in using light or strong identification. You alternatively can use the VPN client installed in your device in which the strong identification is always needed. The suitable alternative of the strong identification is worth finding already beforehand and making the required preparations before the trip abroad.

TWO WAYS TO USE VPN:

1) VPN Portal

VPN Secure Access Portal is a secured connection to the university network through a web browser. In the portal window, you can use common bookmarks or write on the Browse field the web address wanted by you. You can also create your own bookmarks.

When logging into portal, you decide if you need light or strong authentication method.

The strong authentication is required if your intention is to use administrative systems of the university. In this case, choose Remote Desktop Connection (Lippu, Pursi, etc.) after login in the VPN Portal. This practice is recommended to the Mac and Linux users also in the university network.

Link: VPN Portal

2) VPN Client

VPN Client is a software installed into your computer or mobile device and it connects your device as a part of university network. One of the clients is Pulse Secure. On UNIV-workstations a shortcut "UNIV VPN" opens Pulse Secure. VPN Client uses always a strong authentication.

Instructions how to install and use different clients:

 

AUTHENTICATION METHODS:

a) Light authentication

Choose your light authentication method in Login as field:

  • Staff (Password): staff, login with account and password
  • Student (Password): student, login with account and password

Light authentication means, that you use your account and password to login in VPN Portal. You can access Notio, your home directory and utilize services and pages which are limited to use only in the university network, e.g. MOT-dictionaries.

b) Strong authentication

In VPN portal or in VPN client, choose your strong authentication method:

  • Staff (SMS): staff, one-time passcode in text message
  • Staff (OTP): staff, one-time passcode from OTP application
  • Staff (SecurID): staff, one-time passcode from RSA SecureID
  • Student (SMS): student, one-time passcode in text message

Following methods are available only in the VPN clients of UNIV laptops of the staff:

  • UNIV - PKI: staff, the PKI certificate saved in the device is used automatically
  • UNIV - SecurID/SMS: staff; one-time passcode from a SMS or OTP or RSA SecurId

The strong authentication is required when using administrative systems outside the University network. In the strong identification a certificate or passcode is always needed in addition to the user name and the password. The possibilities to use of the VPN connection will also be more versatile than to be used with light authentication.

PKI certificate (Public Key Infrastructure) is saved in the device (Note: only in UNIV laptops) and only user account and password are asked in the login phase. Read the guide: Utilising of the PKI in UNIV laptop of staff

SMS passcode is a one-time passcode which you have to type in the login phase after typing your user account and password. The code will be sent automatically into your mobile phone as a SMS provided that mobile phone number has been saved in the service. Check or set the mobile number in the service: VPN Mobile Phone Number | guide

OTP application (One Time Password) shows in the mobile device a one-time passcode which in addition to a username and password you will type in the VPN login phase. The application (Microsoft Authenticator) is installed from the store and will be activated before the first usage time. It is recommended alternative to those staff members who do not have the PKI alternative and who travel abroad a lot. Activate the OTP before first usage in the service: Activate VPN OTP for sa.oulu.fi. Guide pages: e_Identification, OTP activation and use in mobile.

SecurID is a small device, "key ring", which shows your one-time passcodes. It is a recommended alternative to those staff members who do not have the PKI alternative and who travel abroad a lot. More information about RSA SecurID from Helpdesk of Mobile Devices.

Read more: student account, staff account, password, home directory

Last updated: 17.10.2017