Washington State University offers VPN access for those departments and users that require secure remote user access to specific, restricted university services and data. The VPN service provides authenticated and encrypted access to resources such as the administration of departmental servers, administrative systems and applications, and/or systems that house sensitive information.
Starting in September 2021, ITS will be adding Multi-factor Authentication (MFA) to its general VPN portals. This will change the way that users log in to the VPN.
|VPN Portal||Username Used to Access||Typical People to Use Portal|
|vpn.wsu.edu||WSU NID*||All WSU Staff and Students|
|vpn.everett.wsu.edu||WSU NID*||Everett Staff and Students|
|sslvpn.spokane.wsu.edu||WSU NID*||Spokane Staff and Students|
|vpn.vancouver.wsu.edu||WSU NID*||Vancouver Staff and Students|
|vpn.tricity.wsu.edu||WSU NID*||Tricities Staff and Students|
|tier1.vpn.wsu.edu||nid.t1vpn||ITS Staff and Departmental IT|
|t1vpn.spokane.wsu.edu||nid.t1vpn||Spokane ITS Staff|
User FAQs regarding the updated service provider:
- Faculty, staff, and student customers who are currently using the legacy SSLVPN will no longer be able to connect and must switch to the GlobalProtect VPN client beginning on March 19 at 10:00 pm.
- Access to the legacy SSLVPN service will only be accessible by FID accounts.
- The legacy SSLVPN service remains critical for a small number of use cases.
- Updates are being made to ITS knowledge base articles and web resources to direct faculty, staff, and students to the GlobalProtect VPN service as the successor to SSLVPN.
- Access to library resources will require users to sign on using their network ID (NID) and password.
Information Technology Services
Send General Requests to firstname.lastname@example.org
Individuals wishing to access WSU resources via VPN who have a Friend ID, including visiting scholars, vendors, and other WSU associates, please continue to use the Cisco SSL/VPN as shown below. All current students, faculty, and staff please use the GlobalProtect tools for Mac or Windows that are available via the links above.
Washington State University offers SSL VPN access for those departments and users that require secure remote user access to specific, restricted university services and data. The SSL VPN service provides authenticated and encrypted access to resources such as the administration of departmental servers, administrative systems and applications, and/or systems that house sensitive information.
The SSL VPN service uses the Cisco AnyConnect client over SSL (Secure Socket Layer). Use of the WSU SSL VPN service requires the installation of the Cisco SSL VPN AnyConnect Mobility client. Users are able to manually download and install the mobility client for desktops and laptops from the following location: SSL VPN Client Download.
(Users of mobile devices, tablets, etc. will need to download AnyConnect Mobility clients from their local app stores, as these are not provided by WSU.)
- OS Requirements & Client Download Information
- Installation Instructions
- Remote Desktop Instructions
- All sponsored contractors, vendors, guests and any others (including 3rd parties) requiring remote access
Currently Supported Operating Systems
- Windows 7, 8, 8.1, and 10 (32 and 64 bit)
- Mac OS X 10.8, 10.9, 10.10, and 10.11
- Ubuntu 12.04 (LTS), 14.04 (LTS) (64 bit only)
(other linux distributions may work as well but are untested)
- RedHat Linux 6 and 7
- And many smartphones or tablets
The SSL VPN service allows secured communication from remote sites to the WSU campus. The SSL VPN service establishes a split tunnel that will route traffic intended for WSU over a secured link and provide a separate path for all other traffic via the local service provider’s internet connection.
Examples of where the SSL VPN service are required:
- Where secure communications to restricted information at WSU is needed
- At home or traveling and needing access to secure WSU services
- Administrators at WSU who need secure remote communications to their on-campus equipment and services
Examples where the SSL VPN service is not required:
- Applications that are in use by a large number of users
- Applications that have little to no access restrictions
- The WSU SSL VPN service can only be initiated from networks off the Pullman campus.
- Custom Active Directory attributes are created for SSL VPN users upon registration. Faculty, staff, student or third party individuals are granted access to the SSL VPN service if they have a current active status with WSU. These attributes are systematically reviewed and updated daily.
- Users will authenticate with their WSU NID or FID.
- WSU reserves the right to remove users from the SSL VPN users group. Users who have been removed and later determine they need access may request through Coug Tech that they be given access again.
- Active SSL VPN connections must never be left unattended.
- Always disconnect an active SSL VPN connection when finished with a session.
- Connections that remain idle (no interaction) for 30 minutes, will be automatically disconnected.
Login again to reconnect.
- WSU recommends the use of local host firewalls for enhanced security.
- Computers should have the latest service packs, critical updates, and security patches before connecting to the SSL VPN.
- Anti-virus software must be enabled with up-to-date virus definitions installed.
Procedures to Connect
- Make sure your system satisfies the SSL VPN operating system and browser requirements
- Complete the Mandatory one time self-registration
- Connect to the WSU SSL VPN Service
- Follow prompts for one time client installation
SSL VPN Client Download for pre-installation on appropriate systems.
The WSU SSL VPN service will provide users secure and encrypted access to restricted WSU resources when connected to the internet from outside of the wsu.edu domain. SSL VPN is intended to provide authenticated/encrypted access to restricted resources. Users who access WSU resources via the SSL VPN are subject to the same policies as users within the wsu.edu domain.
All parties as delineated under Audience are required to comply with this policy.Note that all network activity while connected to the traditional or SSL VPN is subject to the University’s normal acceptable use policies.
Individuals who discover or strongly suspect the violation of this policy must promptly notify the IT Security Office at
509-335-HELP(4357) (8:00am – 5:00pm) or email@example.com.
OS Requirements & Client Download Information
SSL VPN Client Download & Set-up
|Windows 64 bit:||Windows SSL VPN Client|
|Windows Set-up Instructions|
|AnyConnect for Windows Mobile 6.5|
|Linux:||Linux 32 Bit SSL VPN Client|
|Linux 64 Bit SSL VPN Client|
|Linux Set-up Instructions|
|Mac OS X:||Mac OS X SSL VPN Client|
|Mac OS X Set-up Instructions|
|iPhone||iPhone Client & Set-up Instructions|
|iPad Air||7.0 or later|
|iPad 2||6.0 or later|
|iPad (3rd generation)||6.0 or later|
|iPad (4th generation)||6.0 or later|
|iPad mini||6.0 or later|
|iPad mini (with Retina display)||7.0 or later|
|iPhone 3GS||6.0 - 6.1.6|
|iPhone 4||6.0 - 7.1.2|
|iPhone 4S||6.0 or later|
|iPhone 5||6.0 or later|
|iPhone 5C||7.0 or later|
|iPhone 5S||7.0 or later|
|iPhone 6||8.0 or later|
|iPhone 6 Plus||8.0 or later|
|iPod Touch (4th generation)||6.0 - 6.16|
|iPod Touch (5th generation)||6.0 or later|
|ATT Tilt 3.57.502.2 WWE Note: TouchFLO must be disabled.||Windows Mobile 6.1 Professional|
|Axim X51v with ROM: A03 (23092007||Windows Mobile 6.0 Classic|
|HTC Touch Pro||Windows Mobile 6.1 Professional|
|HTC Touch||Windows Mobile 6.0|
|HTC Imagio||Windows Mobile 6.5|
|HTC Tilt 2|
|HTC TyTN||Windows Mobile 5.0|
|iPAQ 2790||Windows Mobile 5.0 PocketPC|
|Palm Treo 700wx:||Windows Mobile 5.0+AKU2 PDA Phone|
|Sprint TREO 700WX-1.15-SPNT|
|Palm Treo 750:||Windows Mobile 6.0 Professional|
|AT&T TREO 750-2.25-ATT|
|Palm Treo 800-Sprint Treo 800w-1.03-SPNT||Windows Mobile 6.1 Professional|
|Palm Treo Pro:||Windows Mobile 6.1 Professional|
|Samsung||Windows Mobile 6.1 Professional|
|Samsung Omnia Pro 4||Windows Mobile 6.5|
|Sprint Touch with ROM: 3.03.651.4||Windows Mobile 6.1 Professional|
|Note: TouchFLO must be disabled.|
|T-Mobile Wing 4.26.531.1 WWE||Windows Mobile 6.0 Professional|
|Verizon XV6800 with ROM: 1.00.00.H:||Windows Mobile 6.0 P|
|Windows||System Requirements||Pentium class processor or greater
100 MB hard disk space
Microsoft Installer, version 3.1
Windows 7, 8, 8.1, and Windows 10 x86 (32-bit) or x64 (64-bit)
Internet Explorer 6.0 is no longer supported
Cisco will not offer Windows XP and Vista as a supported operating system for present or future AnyConnect releases.
AnyConnect is not supported on Windows RT. There are no APIs provided in the operating system to implement this functionality. Cisco has an open request with Microsoft on this topic.
|Mac OS||OS Requirements||Mac OS X 10.8, 10.9, 10.10 and 10.11
Max OS X Support Notes
Mac OS X 10.5, 10.6, and 10.7 are no longer supported by Cisco.
AnyConnect requires 50MB of hard disk space.
To operate correctly with Mac OS X, AnyConnect requires a minimum display resolution of 1024 by 640 pixels. Mac OS X 10.8 introduces a new feature called Gatekeeper that restricts which applications are allowed to run on the system. You can choose to permit applications downloaded from:
Mac App Store
Mac App Store and identified developers
The default setting is Mac App Store and identified developers (signed applications). AnyConnect release 4.1 is a signed application, but it is not signed using an Apple certificate. This means that you must either select the Anywhere setting or use Control-click to bypass the selected setting to install and run AnyConnect from a pre-deploy installation. Users who web deploy or who already have AnyConnect installed are not impacted. For further information see: http://www.apple.com/macosx/mountain-lion/security.html
|Linux||OS Requirements||x86 instruction set.
32 MB RAM.
20 MB hard disk space.
Superuser privileges are required for installation.
libstdc++ users must have libstdc++.so.6(GLIBCXX_3.4) or higher, but below version 4.
Java 5 (1.5) or later. The only version that works for web installation is Sun Java. You must install Sun Java and configure your browser to use that instead of the default package.
zlib - to support SSL deflate compression
xterm - only required if you're doing initial deployment of AnyConnect via Web launch from ASA clientless portal.
libpango 1.0 or a compatible build such as package pangox-compat-0.0.2-2.el7.x86_64.rpm or pangox-compat-0.0.2-3.fc20.x86_64.rpm
iptables 1.2.7a or later.
tun module supplied with kernel 2.4.21, 2.6
|Web based installation of the sslvpn client utilizes either ActiveX (with IE) or Oracle Java to download and install the clients. Because of the numerous security issues that Java and ActiveX poses, it is highly recommended that users download the clients from the following web page and manually install them and not have to deal with Java or ActiveX. http://infotech.wsu.edu/NetworkService/VPN/VPN.aspx|
- OneDrive – What do you get?
- OneDrive Limitations
- OneDrive – Sharing Your Files and Folders with Others
- Accessing your OneDrive Files and Folders via a Web Browser
- Restore/View previous version of documents in OneDrive
- Add and sync shared folders to OneDrive
- Managing OneDrive Space and Sync Folders
- Office 365 Applications – What do you get?
- List of Office 365 Applications Available by Device
- Co-Editing Word, Excel and PowerPoint files between Teammates
- Compatibility Matrix for Office 365 Click-to-Run and Visio/Project Standalone Installations
- Using Office Online via a Web Browser
- Deactivating Office 365 for a Windows PC or Mac