To align with the greater need for remote network access among Faculty/Staff and increased security requirements, Endicott has implemented a SonicWall Secure Mobile Access (SMA) appliance to facilitate VPN connections. The SMA appliance will utilize Okta (Endicott's Identity and Access Management platform) for authentication and access permissions and remove the need for Campus Technology to configure VPN accounts and connection profiles manually.
The instructions below outline the process for configuring the new SMA VPN on Endicott-issued macOS workstations. If you have already configured the connection and need a quick reminder on how to reconnect, please reference the section Connecting to the SMA VPN.
- If you are part of the small group of users who had previously used the SMA VPN connection with Duo multifactor authentication, please set up your Okta account (see Prerequisites) and follow the instructions in Connecting to the SMA VPN.
Please note: Attempting to access the SMA VPN from a non-Endicott macOS device is strictly prohibited and will lead to the termination of VPN access.
- The SMA appliance relies on Okta to authenticate VPN sessions. If you have not configured your Endicott Okta account, please follow the initial setup process outlined in the article Getting Started With Your Endicott Okta Account.
- As with the previous VPN solution, the SMA appliance uses the SonicWall Mobile Connect application to facilitate VPN connections on macOS devices.
- Users with existing VPN access from their macOS workstations will not need to reinstall the application to use the new connection.
- Users accessing the VPN for the first time must install the application from Endicott's Jamf Self-Service. Please follow the instructions in the article Installing SonicWall Mobile Connect from Jamf Self-Service.
Initial Connection Setup:
- Open SonicWall Mobile Connect from Finder's "Applications" folder (or via Spotlight search). Navigate to SonicWall Mobile Connect > Preferences in the top left-hand corner of the Menu Bar.
- In the pop-up window, tick the checkbox to allow URL Control. A security prompt will pop up, asking for additional confirmation. Click "Enable URL Control" and confirm that the check appears. Click "OK."
- Open a web browser on your Endicott-issued macOS workstation and navigate to https://vpn.endicott.edu (ideally, this should be done in your default web browser). On the "Virtual Office" welcome screen, choose "endicott.okta.com" from the "Domain" drop-down menu and click "Next."
- Your browser will redirect to the Endicott-branded Okta login page (https://endicott.okta.com). Follow the Okta prompts to complete the authentication process -- if you have an existing Okta authentication session for another application, you will automatically be authenticated. Once authentication is complete, you will be returned to the "Virtual Office" portal.
- If this is your first time connecting, your browser will request permission to launch the SonicWall Mobile Connect application. Tick the checkbox to "Always Allow" your browser to launch the application and click Open SonicWall Mobile Connect.
- Depending on your macOS version, you may receive the following prompt for permission to configure a VPN connection. Click Allow and supply your computer password to approve the change. SonicWall Mobile Connect will then configure the new VPN connection.
- Once configured, the VPN connection will begin to establish. If you receive a Certificate Verification prompt, click Continue to trust the certificate.
- The Mobile Connect client should then show a status of "Connected"
- If you had previously used another Endicott VPN solution for macOS, please remove the other connections. To do so, disconnect your current VPN session in the Mobile Connect window, select a previously configured VPN profile from the drop-down list, and click the button on the right-hand side (the circle with three dots in the middle) to open the settings for that profile.
- In the Settings window, click the "Delete" button in the lower left-hand corner to remove the connection. Confirm that you are deleting the correct VPN profile -- previous profiles will have a server URL of "fw.endicott.edu:4433". When prompted, click Delete to finish deleting the profile.
After completing the initial SMA VPN connection configuration in Mobile Connect, there are two ways to re-establish a VPN connection:
-
Option 1: Connecting via Web Browser
-
Open a web browser on your Endicott-issued macOS workstation and navigate to https://vpn.endicott.edu (ideally, this should be done in your default web browser). On the "Virtual Office" welcome screen, choose "endicott.okta.com" from the "Domain" drop-down menu and click Next.
-
Your browser will redirect to the Endicott-branded Okta login page (https://endicott.okta.com). Follow the Okta prompts to complete the authentication process -- if you have an existing Okta authentication session for another application, you will automatically be authenticated. Once authentication is complete, you will be returned to the "Virtual Office" portal.
- If you have previously allowed your default browser to launch the SonicWall Mobile Connect application, the application should launch and establish your connection. Once the connection has been established, Mobile Connect will show the connection status as "Connected."
-
Open a web browser on your Endicott-issued macOS workstation and navigate to https://vpn.endicott.edu (ideally, this should be done in your default web browser). On the "Virtual Office" welcome screen, choose "endicott.okta.com" from the "Domain" drop-down menu and click Next.
-
Option 2: Connecting via Saved VPN Profile in Mobile Connect
- Ensure that the SonicWall Mobile Connect application is running on your Mac. In the Menu Bar in the top right-hand corner of your screen, click the Mobile Connect icon and select the "vpn.endicott.edu" connection profile in the drop-down menu.
- A new window will appear on your screen, asking for authentication information. Click on the Domain field and select "endicott.okta.com" from the drop-down menu. Click Login.
- The Mobile Connect application will launch your default browser (or open a new tab) and redirect to the Endicott-branded Okta login page (https://endicott.okta.com). Follow the Okta prompts to complete the authentication process -- if you have an existing Okta authentication session for another application, you will automatically be authenticated.
- Once authentication is complete, you will be redirected to a page with an "Authentication Succeeded" message (see below) and can close the browser tab/window.
- Mobile Connect will then show the connection status as "Connected."
- Ensure that the SonicWall Mobile Connect application is running on your Mac. In the Menu Bar in the top right-hand corner of your screen, click the Mobile Connect icon and select the "vpn.endicott.edu" connection profile in the drop-down menu.
Troubleshooting:
- If you experience any issues with configuring your new VPN connection or authenticating with Okta, please open a support ticket with Campus Technology at https://endicott.freshservice.com/support/home.