Connect to IU's SSL VPN using Ivanti Secure Access (formerly Pulse Secure) on a 32- or 64-bit Linux workstation
On this page:
- Overview
- Install Ivanti Secure Access
- Configure the connection
- Connect and disconnect
- Qualified and compatible platforms
Overview
For workstations running 32- or 64-bit Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu, or Debian, UITS recommends using Ivanti Secure Access (formerly Pulse Secure) to connect to Indiana University's SSL VPN. IU students, faculty, and staff can download Ivanti Secure Access from IUware.
- Use the IU VPN only under one of these conditions:
- If you are trying to access a service you can't get to another way.
- If your IT Pro has told you that you need to use it.
Generally, you won't need to use the VPN if you are a student. For example, you don't need a VPN connection to:
- Use learning tools, such as Canvas, Zoom, or Kaltura.
- Read your IU email over the web.
- Work with your files in Microsoft OneDrive at IU or Google at IU My Drive.
- If you have difficulty with the VPN: Try using IUanyWare (doesn't require a VPN connection).
For example, you can use IUanyWare's Remote Desktop Connection app to remote into a device on campus. Additionally, IUanyWare's Chrome browser allows you to access sites as if you were on campus.
In IUanyWare, search the available apps to find what may be helpful.
- On the IU network: You cannot connect to the VPN, as it is for off-campus use only.
If you receive a 1329 error when attempting to connect to the VPN, try connecting using a non-eduroam or non-IU Secure connection.
- To ensure accountability of network communication, the University Information Policy Office prohibits group accounts from connecting to IU's SSL VPN. To make a VPN connection, you must log in using your personal IU username and passphrase.
- For general VPN usage, you can connect one device at a time. If you connect a second device while you already have a connection running to another device, you'll see a prompt asking whether you want to maintain the existing connection and cancel the new connection request, or break the existing connection and establish a new connection. Groups VPN users can connect two devices concurrently.
Install Ivanti Secure Access
Use the appropriate instructions below to download and install Ivanti Secure Access. If you are logged in as a standard user, you should switch to a privileged user account with the command su username
(replace username
with your local username); alternatively, change to root with su root
, and then leave sudo
off the commands in the following instructions.
Ubuntu/Debian
- Depending on your operating system, download the 32- or 64-bit
.deb
package from IUware. - When prompted to open the package, make sure and are selected.
- A new window should appear that provides a review of the Ivanti Secure Access package; select , and authenticate using your administrator credentials.
- When the application is installed, install the following dependencies using these commands:
sudo apt-get install libwebkitgtk-1.0-0 sudo apt-get install libproxy1-plugin-webkit sudo apt-get install libgnome-keyring0
CentOS/RHEL
- Depending on your operating system, download the 32- or 64-bit
.rpm
package from IUware. - In a Terminal window, navigate to the directory containing the
.rpm
file. For example, if the file is in yourDownloads
folder, enter:cd Downloads
- To install the package, enter (replace
nameofpackage.rpm
with the name of the downloaded package):sudo rpm -i nameofpackage.rpm
- If you get a "missing dependency" error, enter:
sudo /usr/local/pulse/PulseClient.sh install_dependency_packages
If you still receive "missing dependency" errors, run the commands indicated in those errors to install the remaining dependencies.
- If you receive an error similar to "mv: cannot stat '/usr/local/pulse/pulse.1.gz': No such file or directory", you can safely ignore it.
- If you receive any dependency-related errors, run the following command:
sudo /usr/local/pulse/PulseClient_x86_64.sh install_dependency_packages
Configure the connection
- Open Ivanti Secure Access. (Its location will vary depending on your operating system.)
- To add a new connection, select .
- In the "Enter Configuration" box:
- Name: Enter a descriptive name, such as
IU VPN
. - URL: Enter
https://vpn.iu.edu
Note:If you use the IU Groups VPN or Health Sciences Network (HSN) VPN, add an additional connection using the appropriate URL:
- Groups VPN: https://vpn.iu.edu/groups
- HSN VPN: https://vpn.iu.edu/hsn
For more about these VPNs, see:
- Name: Enter a descriptive name, such as
- Select .
Connect and disconnect
To connect to the VPN:
- Open Ivanti Secure Access. (Its location will vary depending on your operating system.)
- Next to the SSL VPN connection you created, select .
- In the window that appears:
- Username: Enter your IU username.
- Password: Enter your IU passphrase.
When you're prompted for a secondary password, you need to enter your Two-Step Login (Duo) option. For example, you would enter push
to push a login request to your mobile device.
In the "Secondary Password" field, enter one of the following and complete any prompts to connect:
- A passcode (for example,
123456
): Generated by Duo Mobile, an SMS text, or a single-button hardware token push
: Sends a push login request to the Duo Mobile app on your primary smartphone or tabletphone
: Calls your primary phone number (whether mobile phone or landline)sms
: Sends a new SMS passcode to your primary device; once you receive the passcode via SMS, enter it into the "Secondary Password" field.Important:- The
sms
andphone
options are not available unless you have the exemption form completed and approved. - Entering
sms
will cause the initial login to fail with a "Credentials were invalid. Please try again." error message. However, you also will receive a text message with a passcode to enter in the "Secondary Password" field.
Note:If you have more than one device of a certain type registered (such as a second smartphone or tablet), you can add a number to the end of your secondary password to direct login requests to a particular device (for example,push2
will send a login request to your second phone;phone3
will call your third phone).- The
To disconnect from the VPN:
- Open the Ivanti Secure Access window (if it isn't already open).
- Next to the connection, select .
Qualified and compatible platforms
To ensure that you can connect to the IU VPN, verify that you are running the latest version of Ivanti Secure Access (formerly Pulse Secure) available on IUware. For operating system requirements and recommendations, see Ivanti's product documentation.
This is document arue in the Knowledge Base.
Last modified on 2023-08-17 16:25:16.