If you are not on a campus network (wired or wiresless), you will need to log-in using both the Virtual Private Network (VPN) and Multi-Factor Authentication (MFA) systems in order to access Tableau Server reports.
Using MFA to log-in to the VPN
The Multi-Factor Authentication (MFA) system is a layer of security that is used in conjunction with other security systems. Even if you log-in to a system that requires you to use MFA with the Central Authentication System (CAS), such as Gmail for example, you may still need to use MFA again with the VPN system, depending on which VPN Group you select. Most staff and faculty were required to use MFA with the CAS system on or before March 5, 2018.
- Step 1: Open the VPN program
- Step 2: Select the correct VPN group and enter your credentials
- Step 3: Approve the "push" via your phone, or manually enter your MFA code in the "Second Password" field
If you have NEVER used MFA, please see the instructions to enroll here: Obtaining MFA for the first time. Otherwise, please proceed to the instructions to connect below.
Tip: Cisco Anywhere Connect is installed on most university machines, but you can also download it from Terpware (links)
FAQ for VPN & MFA
What is MFA?
Multi-Factor Authentication (MFA) is a method to confirm that "you are who you say you are" when accessing a system, using something other than your password to authenticate you. Your password is generally the first factor, and this "other thing" becomes the second factor. Using both makes it "multi-factor". In addition to passwords, "factors" can include:
- "something you know" (for example, your mother's maiden name),
- "something you have" (like your phone or a "token"),
- or "something you are" (i.e. biometrics, which the University does not currently use).
MFA is used for the Central Authentication System (CAS) as well as certain Groups on the VPN system. As a result, you may encounter the MFA prompt multiple times (for example, if you log-in to both Gmail and the VPN).
What is VPN?
Virtual Private Networking (VPN) is a tool that encrypts data as they travel from a system to your computer, and back. Data are only sent to you after you have confirmed that "you are who you say you are." This is why MFA is required first, in order to access the VPN system. As noted above, MFA is not only required for the VPN system. Even if you have logged-in to the VPN, you may encounter the MFA prompt again when logging-in to Gmail and other campus systems. Links to download the VPN client are located below.
How do I get the Cisco AnyConnect VPN tool?
- Once connected to the VPN, your connection should hold for at least 24 hours unless you turn off your computer or put it to sleep.
- To make access to Tableau and other systems more convenient, consider logging-in to the VPN as part of your morning routine when you log-in to your computer.
- How to Add Additional Devices for use with DUO Multi Factor Authentication
- How to Enable Multi-Factor Authentication (MFA) for all CAS Authenticated Webpages
- Bypass (i.e. backup) codes
- Hardware tokens
- Overview of Multi-Factor Authentication and Login Methods
- How to Enroll Your Mobile Device in Multi-Factor Authentication at University of Maryland
- University of Maryland Multi-Factor Authentication Frequently Asked Questions (FAQ)
- How to Use Multi-Factor Authentication with the Cisco AnyConnect Virtual Private Network (VPN) Client