skip to content

IT Center University of Cologne (ITCC)

If the following error occurs after logging into Shobboleth: "Potential CSRF attack detected", please delete the cookies and the browser cache of your web browser, close it and try to connect to the VPN network again.

 

VPN - Installation of the Cisco Secure Client

To establish a VPN connection to the University Network, please install the Cisco Secure Client by using the download links below depending on your operating system. You have to login using your student or employee account.

Please note: We have reports of occasional problems downloading the installer when using Microsoft Edge as your browser. If the download fails with Edge, please try another browser instead, such as Firefox or Chrome.

Please note: If you are using Firefox and receive an empty white page after initial authentication: Please deactivate "Delete cookies and site data when Firefox is closed"  (Privacy&Security preferences) or add an exception for vpngate.uni-koeln.de. This change can be reverted after successful installation of the AnyConnect client.

Installation files

Installation of the Cisco Secure Client

1 / 4
  • Enlarged view:
    Run the installation, accept the license agreement, and install the Cisco Secure Client.
  • Enlarged view:
    Run the installation, accept the license agreement, and install the Cisco Secure Client.
  • Enlarged view:
    Run the installation, accept the license agreement, and install the Cisco Secure Client.
  • Enlarged view:
    Run the installation, accept the license agreement, and install the Cisco Secure Client.

  1. Click on one of the links above and enter your username and password to download the setup file.
  2. Run the installation, accept the license agreement, and install the Cisco Secure Client.

Configuration & use of the Cisco Secure Client

1 / 4
  • Enlarged view:
    Open the Cisco Secure Client on your operating system and enter "vpngate.uni-koeln.de" in the input window. Then click on "Connect".
  • Enlarged view:
    Then log in to Shibboleth with your user name and password.
  • Enlarged view:
    Confirm your login in Shibboleth using multi-factor authentication with your smartphone, tablet or hardware token (the interface varies slightly depending on how multi-factor authentication is set up).
  • Enlarged view:
    If the registration was successful, you will receive a message in your browser. You can now close it.

  1. Open the Cisco Secure Client on your operating system and enter "vpngate.uni-koeln.de" in the input window. Then click on "Connect" [Fig. 1]. To select the tunnel type, click on the selection box and select “vpngate.uni-koeln.de Split Tunnel”.
  2. You will be redirected to the Shibboleth login via your default browser. Log in to Shibboleth with your user name and password [Fig. 2].
  3. Confirm your login in Shibboleth using multi-factor authentication with your smartphone, tablet or hardware token (the interface varies slightly depending on how multi-factor authentication is set up) [Fig. 3].
  4. If the login was successful, you will receive a message in your browser. You can now close it [Fig. 4].

Troubleshooting

Error message "Not enrolled in Duo"

expand:

If you receive an error message with the title "Not enrolled in Duo" during multi-factor authentication, then you have not yet set up multi-factor authentication.

Information on setting up multi-factor authentication can be found here.

Message in Cisco Duo "Enter bypass code"

expand:

If you are asked to enter a bypass code, it is very likely that the initial registration of your device for multi-factor authentication has not been completed. Contact the ITCC helpdesk and ask to be able to carry out the initial registration again.

Then make sure that you do not interrupt the initial registration process at any point the next time.

Problems during installation/configuration

If you encounter problems during installation or setup, please also take a look at our help page:

Contact
If you have any questions or problems, please contact the ITCC-Helpdesk