Introduction This article will provide an overview of the Central VPN (Virtual Private Network) Service and answers to some Frequently Asked Questions (FAQs). The article does NOT describe how to install the Cisco AnyConnect client. Please see KB0012158, which details this installation. IMPORTANT: Campus VPN is NOT a requirement to connect to your work from home. Review the Connect to Your Work From Home article to see what is best for you. Due to increased demand on the VPN as a result of the COVID-19 situation, we have had to modify which services are available via the VPN. Traffic to Bear Tracks, eClass, and library resources will NOT use the VPN tunnel. Please do not connect to the VPN if you are only using it to reach one of these services.   Applicability The article is intended for both the whole campus community and for IST technical staff. For IST staff, please see the Internal Notes field for additional information.   Details Frequently Asked Questions 1. What is the Central VPN Service?  The Central VPN (Virtual Private Network) Service is designed to provide University of Alberta staff, students, and affiliates with a secure connection to campus resources. For more information on VPN's, please visit https://en.wikipedia.org/wiki/Virtual_private_network   2. Who can access the Central VPN Service? All employees, students, and guest CCID holders may access this service. You must have a current relationship with the University of Alberta in order to use the Central VPN.   3. How do I access the Central VPN Service?  For information on downloading the VPN client and connecting to the service, please follow the steps in KB0012158.   4. My username and password aren't working to connect to the VPN. Confirm your password at https://myccid.ualberta.ca/check If your password is correct on the MyCCID page, and you have an active relationship with the University of Alberta, please contact the IST Service Desk. Note that some CCID holders will not be able to log on to the VPN. These include applicants to the University of Alberta and individuals who no longer have active affiliation with the U of A.   5. I can connect to the VPN, but I cannot access my work computer remotely. This is expected behaviour. The VPN service is primarily to allow access to campus-wide services such as reporting tools that are not normally accessible from off-campus. Department specific services such as Remote Desktop and file servers may not be accessible.   6. I am a student, but also an employee. Which VPN will I be using?  You should be connected to the Employee VPN. To determine which VPN you are connected to, please see FAQ #7. If you are an employee, but are being connected to the student VPN (or not being connected at all) please contact the IST Service Desk.   7. How do I tell which VPN I am connected to? Open your Cisco AnyConnect Client On Windows: A. Expand the list of active programs in your task bar. B. Right-click the "AnyConnect" icon as shown in the following screen shot: C. Click "Open AnyConnect". Proceed to "Opening the Statistics Tab" (below the Mac instructions)   On Mac: A. Open the Launchpad from the dock at the bottom of the desktop. B. Open the Cisco AnyConnect application.   Opening the Statistics Tab Once your AnyConnect client is open you will see the screen shot below. Click the "gear" icon.    Look in the "Client IPv4" field, as shown below: You should have an IP address within the following ranges: Employee VPN: 142.244.54.4-142.244.55.250 Student VPN: 10.0.8.2-10.0.9.254 Guest VPN: 10.0.27.2-10.0.28.254  If you believe you are on the incorrect VPN, please contact the IST Service Desk.   8. I get an error message when I try to use the Mac VPN client. Make sure to follow the instructions when installing the software for Mac. There is an extra step in this installation as compared with the other VPN client installations that ensures only required modules are installed. If you do not complete this step, the VPN will give you an error message.   9. After upgrading to Windows 8, 8.1 or 10, the VPN client no longer works or disconnects frequently. The VPN client does not migrate properly when doing an in-place upgrade to Windows 8, 8.1 or 10.  You will need to remove the client and re-install it to fix this issue.   10. I get an error message when I try to install the Chrome OS on my Chromebook, or my VPN client on my Chromebook is very slow. Make sure you are following the instructions when installing the software for Chrome OS. There is an extra step in this installation as compared with the other VPN client installations. If you do not complete this step, the VPN will not work correctly. Chrome OS must be version 43 or higher.  AnyConnect will not install if your ChromeOS version is older. Automatic Reconnect is not currently available in the ChromeOS AnyConnect client. Any disruption to the wireless connection will require the VPN to be manually re-enabled.  This is most often caused by closing the lid of the laptop. Slow network performance will be noticed on older, low end Chromebooks. Unfortunately there are no workarounds for this issue. Keywords: support central vpn vpn.ualberta.ca general information @context connecting connection tunnel split tunneling student staff cisco anyconnect frequently asked questions service desk help

Introduction An Active Directory (AD) domain is a logical grouping of network objects (like users, computers, and groups) that share the same Active Directory database and are managed by a single administrative unit. There are several AD domains at the U of A including: sts.ad.ualberta.ca (STS) (also called Central Domain) engineering.ualberta.ca (ENGG) ualibrary.ualberta.ca (UALIBRARY) registrar.ualberta.ca (RO) med.ualberta.ca (MED) This article was written to help readers know if their computer is part of an AD domain. Applicability Target Audience: Anyone next to their computer who wants to know their computer’s domain Non-applicable: Domains for MacOS Domains for Mobile devices Remotely finding the computer’s domain For computer names, refer to the Microsoft Support – Locating Computer name Procedure Standard Process for Windows 11 1.0 Windows Login Screen 2.0 Windows Settings 3.0 Command Prompt Standard Process for Windows 11 This section will describe multiple ways to find out if your computer is on an AD domain. 1.0 Windows Login Screen This method is preferred if you cannot log into your computer. If you are logged out already, continue to the next step. If you are signed into your computer, log out as follows: Click the Start Menu icon at the bottom of your screen. Click the User icon on the left tab of the Start menu Click Sign out You should now be in the Windows login screen and the domain is given as shown below under the password field: If your login screen does not show “Sign in to” (Windows 10 and 11) your computer is likely not part of a domain Note: For Windows 7: It should say “Log on to” 2.0 Windows Settings This method uses About your PC from Settings. Tap the Windows key on your keyboard, to the left of the spacebar. Type About your PC in the search field in the window that comes up then click About your PC The domain is shown in the Full device name field 3.0 Command Prompt Type Windows Key+R to open Run Type cmd in the field Once Command Prompt opens type wmic computersystem get domain. The output will be the computer’s domain. Computers that are not on any domain will show WORKGROUP as shown below: Additional Considerations (Notes) Microsoft – Do you need help locating your computer name? Back to Top Keywords: central domain, sts.ad.ualberta.ca, joined, sts domain

Introduction This article will explain how to connect to the University Wireless Service (UWS) with a computer running Microsoft Windows 10/11 while on-campus at the University of Alberta. Applicability The steps in the procedure below apply to anyone with a valid University of Alberta Campus Computing ID (CCID) wishing to connect to UWS while on campus using a Microsoft Windows 10 or 11 equipped computer. Procedure Click the wireless network icon in the bottom right corner of your taskbar. This will open a list of available wireless network connections. Click on UWS once to select it. Make sure the box next to Connect automatically is checked, and click Connect. You will be asked for a username and password. Enter your CCID and your CCID password (the user name and password you use to log on to Gmail). Click OK. If you see a Windows Security Alert pop-up, click Connect. UWS will now show as Connected. Required Software versions (or better) to connect to UWS: A minimum of Microsoft Windows 8.1, with all the latest Microsoft updates, will be required to connect to the UWS wireless network. If your device does not meet this minimum requirement please use the Guest@UA wireless network. Note: Please confirm you have up to date wireless network drivers from your laptop manufacturer.

Introduction This article will explain how to connect to the University Wireless Service (UWS) while on-campus at the University of Alberta. Applicability The steps in the procedure below apply to anyone with a valid University of Alberta Campus Computing ID (CCID) wishing to connect to UWS with a wireless network enabled device. Procedure If at any time you have difficulty or encounter problems with this process, please call IST for support at 780-492-9400. Please confirm you have up to date wireless network drivers from your device manufacturer. Using a computer 1. Click the wireless status icon on your desktop's system tray. This may be either a fan-shaped icon, or a set of ascending bars, typically located near the clock. 2. A list of available wireless networks will appear. Click on UWS. 3. You will be prompted for a username and password. Enter your CCID as your username (all lowercase characters), and your CCID password for your password. Click Connect/OK or whatever option allows you to enter this information and continue. 4. If you are prompted for a security certificate, accept it to continue. 5. Your computer will connect to UWS. Using a mobile device 1. Access your device's settings. 2. In the Wireless or Network section, locate the Wi-Fi option. Make sure it is turned on. 3. Tap the Wi-Fi option. A list of available networks should appear. Select UWS from the list. 4. You will be prompted for a username and password. Enter your CCID as your username (all lowercase characters), and your CCID password for your password. Tap Connect/OK or whatever option allows you to enter this information and continue. 5. Your mobile device will connect to UWS. Note* Some Android operating systems and Chromebooks will ask for additional information: EAP Method = PEAP Phase 2 Authentication = MSCHAPv2 CA Certificate = Use System Certificates User Certificate: None Installed (Default setting) or System Certificate TLS Version: 1.2 Online Certificate Status = Request Certificate Status Domain = ualberta.ca Identity = CCID Anonymous Identity = leave blank Password = CCID password Failed to connect after changing CCID password If you change your CCID password and you are not prompted to re-enter your CCID username and password, forget the UWS wireless network and reconnect from scratch For more detailed instructions (including screenshots) on connecting to UWS from specific devices, please view the following links: UWS With an Android Device [Note: some Samsung devices need to have a CA Certificate (security certificate) added manually] UWS With an iOS Device UWS With MacOS X UWS With Ubuntu Linux UWS With Windows 10 The following Software versions, or better, will be required to connect to UWS: - Microsoft Windows 8.1, with all the latest Microsoft updates. - Apple MacOS 10.13.6. - Apple iOS 11. - Android version 6.0.1. If you continue to have issues with this service that the KB couldn't resolve REPORT A PROBLEM

Introduction   This article covers how to access the Central Domain (sts.ad.ualberta.ca) domain from a domain-joined laptop on the University Wireless Service (UWS) Wi-Fi network     Applicability   Target Audience: Anyone with a computer and user account under the central domain (sts.ad.ualberta.ca)   Prerequisites: computer must have ethernet connection to the central domain (sts.ad.ualberta.ca) user must have an account on the central domain (sts.ad.ualberta.ca) in Active Directory (AD) user account access to the @uanet UWS connection   Non-applicable: Refer to KBA – Frequently Asked Questions on Domain Accounts for the list of departments supported under the central domain Refer to KBA – Confirming if your computer is part of the Central Domain (sts.ad.ualberta.ca) to check if your computer is on the central domain Please contact IST by calling 780-492-9400 or email ist@ualberta.ca for more assistance     Procedure   Basic Information Standard Process Appendix Related Knowledge     Basic Information   Domain accounts are active for both the users and the computers. Clients should be able to access their network drives and printers on the computer if they are connected to the @uanet context: The @uanet context is only available to accounts under the central domain This method is a secure alternative to logging into the VPN   Refer to KBA – Confirming if your computer is part of the Central Domain (sts.ad.ualberta.ca) to check if your computer is on the central domain and for the definitions     Standard Process   How to connect through UWS At your UofA Windows laptop’s login screen, use the WiFi dialogue to connect to UWS: Click the Wifi icon at the bottom left Select UWS Click Connect Your username will be yourccid@uanet and your password is the same as your CCID password Click OK Once connected, you can use the computer login to sign into the domain with your Central AD domain account   Appendix Contact - IST   Related Knowledge Confirming if your computer is part of the Central Domain (sts.ad.ualberta.ca) Frequently Asked Questions on Domain Accounts   Additional Considerations (Notes) [n/a]   Keywords: Windows, Windows 10, Domain, Central Domain, Laptop, Domain laptop, Central Domain Laptop, UWS, UWS Context, UANET, UANET Context

Introduction   University of Alberta (UofA) provides solutions to work remotely by connecting to your desktop computer on campus or working from the Terminal Server (TS) if you are on the central domain (sts.ad.ualberta.ca).   KBA Objective: Provides instructions for setup and connection for Remoting in desktops on Windows/MacOS/iOS/other Operating Systems (OS) Provides instructions for setup and connection for Terminal Server (TS) on Windows/MacOS/iOS/other Operating Systems (OS)     Applicability   Target Audience: Mainly for users under Central Domain (sts.ad.ualberta.ca) Instructions still apply for users outside of the central domain, but may be harder to understand   Non-applicable: Refer to KBA – confirming if your computer is part of the Central domain to check if you are working with STS Refer to ualberta – Active Directory requests to request for a Central Domain account (only from Authorized Approvers / supervisors) Please contact IST by calling 780-492-9400 or email ist@ualberta.ca for more assistance     Procedure   Basic Information Define Remoting into desktop Define Terminal Server Prerequisites on remoting with VPN Remote to desktops 1.0 Find your Windows computer name 2.0 Windows – Set up desktop connection 2.1 Windows – Connect remotely to desktop 3.0 MacOS (Apple) – Set up desktop connection 3.1 MacOS (Apple) – Connect remotely to desktop 4.0 iOS (iPhone & iPad) – Remote to desktop 5.0 Other Operating Systems (OS) Remote to Terminal Server (TS) 1.0 Windows – Set up TS 1.1 Windows – Connect to TS 2.0 macOS (Apple) – Set up TS 2.1 MacOS (Apple) – Connect to TS 3.0 iOS (iPhone & iPad) – Terminal Server 4.0 Other Operating Systems (OS) – Terminal Server Appendix Related Knowledge     Basic Information   Define Remoting into desktop UofA desktop computers will always be connected through an ethernet cord to access the Internet through a hard-wired connection. Once the computers get access to the UofA network, they can access drives, printers and policies that apply to the department.   Another benefit is that you can connect directly to your work computer by remoting in while you are off campus. The required conditions/process are: From your work computer: Need to be connected through ethernet cord Network needs to be active (Network connections can drop and lose access to the computer) Full computer name (i.e. hostname + domain name) From your remote computer: Need to access the network through VPN/gateway Need to set up the desktop/terminal connection on Remote Desktop Connection (RDC)   Define Terminal Server Terminal Server (TS) is a Windows product that is popular in business/enterprise settings to provide basic access to shared drives and some of the applications available from a standard office computer. Some users/departments can also have additional applications/access depending on their Active Directory (AD) accounts for their UofA computers.   The only condition is that only user accounts under the central domain can access TS. The central domain is dependent on a departmental level, not an individual level If your coworkers in your faculty/department can access TS, your account will be able to as well Refer to KBA – confirming if your computer is part of the Central domain to check if your department is on the central domain   Prerequisites on remoting with VPN If you are off-campus or if you do not have access to a UofA ethernet connection (hard-wired internet), then you will need to access the UofA network remotely through a Virtual Private Network (VPN). VPN provides access to computers that are on and hard-wired on campus VPN provides basic access to a Windows computer using a remote session that is accessible for any account under the same domain as the connected domain   The typical application for UofA VPN is Cisco AnyConnect VPN. Please make sure that you have completed these steps before proceeding to remote into computers: If you are only planning to remote into Terminal Server (TS), check if your account is on the STS (central) domain You can either ask your coworkers if your department/account is under STS or you can refer to KBA – confirming if your computer is part of the Central domain If you are not on STS, you can only remote into your own UofA desktop, not TS Click on the Start menu  of your computer and search for Cisco Anyconnect If you have Cisco Anyconnect VPN, you should see the following:   If you do not have the application, please refer to KBA – Access the UofA VPN to follow the sections on installing Cisco AnyConnect VPN For connecting to computers under STS, refer to KBA – Connect to the @uanet VPN context for the instructions For connection to computers outside of STS, you will need a specific VPN context (instead of @uanet) If you do not know your department’s context, either ask coworkers or contact IST by calling 780-492-9400 or email ist@ualberta.ca for “the VPN context of my location”   You are all set for remoting into your UofA desktop computer or Terminal Server. Note: Your desktop computer will need to be turned on and connected through ethernet to be accessible     Remote to desktops   1.0 Find your Windows computer name You must know your computer name before you are able to connect remotely. These steps must be performed while physically at your office computer. If you are unable to gain physical access to your computer, please contact IST by calling 780-492-9400 or email ist@ualberta.ca for more assistance   Click on the Start menu icon then open File Explorer   Right click on This PC and click on Properties   You should see the Full computer name for your UofA desktop computer. Write down that name as you will need this to connect from home Your full account username should follow the format: domain\username   If your account/computer is not under STS, your account should follow your computer as follows (e.g., for the Faculty of ALES): Full Computer name:  COMPUTER_NAME.afhe.ualberta.ca Full Account Username: afhe.ualberta.ca\YOUR_CCID   2.0 Windows – Set up desktop connection NOTE: Your work computer must be powered on and awake for you to connect direct to desktop. Make sure to find your full computer name and full account username before proceeding, as mentioned in Section 1.0 of Remote to desktops Press the Windows Key + R, type mstsc and click OK to open the Remote Desktop Connection (RDC) window Click Show Options In the Remote Desktop Connection window, click on the Advanced tab Click Settings Apply the following settings in this window   In the Logon settings section of the General tab, fill in the following information: Click Save As… to name and save this configuration for later use Remember to pick a location you can easily remember and access   Click Save to close the window or click Connect to connect to your work computer   2.1 Windows – Connect remotely to desktop Make sure that you are connected to the VPN, as mentioned in Prerequisites on remoting Open the RDC configuration that you saved in Section 2.0 of Remote to desktops If the Remote Desktop Connection window appears, click Connect Enter the password you use to access your work computer and click OK You are connected and you should see your work computer’s desktop on your screen and the Connection Bar will be visible Remember to log off your work computer when finished: 3.0 MacOS (Apple) – Set up desktop connection NOTE: Your work computer must be powered on and awake for you to connect direct to desktop. Quit any applications that are running Click Command + Tab to scroll through your open applications Click Command + Q to close the selected application Download Microsoft Remote Desktop 10 from the App Store: Refer to Apple – Microsoft Remote Desktop 10 for the download Click on View in Mac App Store or Open App Store in the window that pops up When the page opens, click on Get to install After following any default instructions, your Applications folder will now contain a new application called Microsoft Remote Desktop To access your Applications folder, click on the Finder icon on the far left of your Dock When the window opens, click on Applications along the left side   Set Up desktop connection on macOS Follow the instructions below to create a new connection: Make sure to find your full computer name and full account username before proceeding, as mentioned in Section 1.0 of Remote to desktops Open the Microsoft Remote Desktop application Press Command + N on your keyboard Enter the following information (ignore the Add Gateway): Leave the other settings as they are and click Add You will now see Work Computer listed in the Microsoft Remote Desktop window You will only need a VPN connect, then you can double-click it to connect   3.1 MacOS (Apple) – Connect remotely to desktop Make sure that you are connected to the VPN, as mentioned in Prerequisites on remoting Open Microsoft Remote Desktop that you saved in Section 3.0 of Remote to desktops In Microsoft Remote Desktop under PCs, double click on Work Computer A dialogue window may open asking you to verify the certificate, click Continue A dialogue window will open prompting you for your credentials. Enter the following information: If your credentials do not work, make sure your username follows the exact format as mentioned in Section 1.0 of Remote to desktops: domain\CCID You are connected and you should see your work computer’s desktop on your screen and the Connection Bar will be visible Remember to log off your work computer when finished: 4.0 iOS (iPhone & iPad) – Remote to desktop NOTE: Your work computer must be powered on and awake for you to connect direct to desktop.   Installing the Software on iOS Download and install Microsoft Remote Desktop 10 from the App Store: Refer to Apple – Microsoft Remote Desktop 10 for iOS for the download   Set up desktop connection Make sure to find your full computer name and full account username before proceeding, as mentioned in Section 1.0 of Remote to desktops Tap the Microsoft Remote Desktop Client icon on your device to launch it If prompted for access to Bluetooth or others, tap Continue and then tap OK for each request Tap + in the top right corner of the Microsoft Remote Desktop Client app Tap Add PC Enter the following information: PC Name: your_full_computer_name User Account: Ask When Required Friendly Name: Work Computer Back in the Add PC screen tap Save You will now see Work Computer listed in the RD Client window   Connect remotely to desktop Make sure that you are connected to the VPN, as mentioned in Prerequisites on remoting Tap the Microsoft Remote Desktop Client icon on your device to launch it Under PCs, tap on Work Computer to connect Enter the following into the dialog window that opened: Username: full username mentioned in Section 1.0 of Remote to desktops Password: Your work computer’s password   You are connected and you should see your work computer’s desktop on your screen and the Connection Bar will be visible   Remember to log off your work computer when finished: 5.0 Other Operating Systems (OS) NOTE: Your work computer must be powered on and awake for you to connect direct to desktop. Other operating systems (Android, Linux etc.) will require remote desktop client software. See your operating systems app store for more details. Make sure to find your full computer name and full account username before proceeding, as mentioned in Section 1.0 of Remote to desktops You will need to connect to the gateway.sts.ad.ualberta.ca gateway server or connect to the VPN as mentioned in Prerequisites on remoting   Your computer log in information is as follows: Username: full account username (domain\ccid) Password: your_Windows_password   When you are connected, you should see your work computer’s desktop on your screen and the Connection Bar will be visible Remember to log off your work computer when finished:       Remote to Terminal Server (TS)   1.0 Windows – Set up TS Note: TS is only accessible for users with STS accounts (mentioned in Define Terminal Server)   Press the Windows Key + R, type mstsc and click OK to open the Remote Desktop Connection (RDC) window   Click Show Options   Enter ts.ualberta.ca in the Computer field and STS\your_ccid in the User name field   Click on the Advanced tab Click Settings Make sure, Automatically detect RD Gateway server settings is selected and click OK Click on the General Tab and then click Save As… to name and save this configuration for later use Remember to pick a location you can easily remember and access Click Save to close the window   1.1 Windows – Connect to TS Open the saved configurations mentioned in Section 1.0 of Remote to TS If a warning message appears, click on Show Details to review what the remote computer will be able to access Once you are satisfied with your selections, click Connect Enter the password you use to access your work computer and click OK You are connected. You should now see your work computer’s desktop on your screen and the Connection Bar will be visible. Remember to log off the terminal server when finished: 2.0 macOS (Apple) – Set up TS Note: TS is only accessible for users with STS accounts (mentioned in Define Terminal Server)   Quit any applications that are running Click Command + Tab to scroll through your open applications Click Command + Q to close the selected application Download Microsoft Remote Desktop 10 from the App Store: Refer to Apple – Microsoft Remote Desktop 10 for the download Click on View in Mac App Store or Open App Store in the window that pops up When the page opens, click on Get to install After following any default instructions, your Applications folder will now contain a new application called Microsoft Remote Desktop To access your Applications folder, click on the Finder icon on the far left of your Dock When the window opens, click on Applications along the left side   Set up Terminal Server Connection on macOS Follow the instructions below to create a new connection: Open the Microsoft Remote Desktop application Press Command + N on your keyboard Enter the following information: You will now see University of Alberta listed in the Microsoft Remote Desktop window 2.1 MacOS (Apple) – Connect to TS   Make sure that you are connected to the VPN, as mentioned in Prerequisites on remoting Open University of Alberta that you saved in Section 2.0 of Remote to TS A dialogue window will open prompting you for your credentials. Enter the following information:   You are connected and you should see your work computer’s desktop on your screen and the Connection Bar will be visible Remember to log off your work computer when finished:   3.0 iOS (iPhone & iPad) – Terminal Server Note: TS is only accessible for users with STS accounts (mentioned in Define Terminal Server)   Installing the Software on iOS Download and install Microsoft Remote Desktop 10 from the App Store: Refer to Apple – Microsoft Remote Desktop 10 for iOS for the download   Set Up Terminal Server Connection on iOS Tap the Microsoft Remote Desktop Client icon on your device to launch it If prompted for access to Bluetooth or others, tap Continue and then tap OK for each request Tap + in the top right corner of the Microsoft Remote Desktop Client app Tap Add PC Enter the following information: PC Name: ts.ualberta.ca User account: Ask when required Friendly name: University of Alberta   Back in the Add PC screen tap Save You will now see University of Alberta listed in the RD Client window   Connect to Terminal Server on iOS Make sure that you are connected to the VPN, as mentioned in Prerequisites on remoting Tap the Microsoft Remote Desktop Client icon on your device to launch it Under PCs, tap on University of Alberta to connect Enter the following into the dialog window that opened: Username: : STS\your_ccid Password: Your work computer’s password   You are connected and you should see your work computer’s desktop on your screen and the Connection Bar will be visible Remember to log off your work computer when finished: 4.0 Other Operating Systems (OS) – Terminal Server Note: TS is only accessible for users with STS accounts (mentioned in Define Terminal Server)   Other operating systems (Android, Linux etc.) will require remote desktop client software. See your operating systems app store for more details. You will need to connect to the gateway.sts.ad.ualberta.ca gateway server or connect to the VPN as mentioned in Prerequisites on remoting The computer name is: ts.ualberta.ca You will need to know your computer log in information: Username: STS\ccid  (not case sensitive) Password: your_Windows_password   When you are connected, you should see your work computer’s desktop on your screen and the Connection Bar will be visible Remember to log off your work computer when finished:     Appendix Contact - IST Apple – Microsoft Remote Desktop 10 ualberta – Active Directory Accounts (Create, Modify, Remove)   Related Knowledge KB0012158 – Access the University of Alberta VPN KB0012891 – Confirming if your computer is part of the Central Domain (sts.ad.ualberta.ca) KB0013010 – Connect to the @uanet VPN context   Additional Considerations (Notes) [n/a]     Back to Top   Keywords: terminal, server, central domain, AD, ad.ualberta.ca, STS, resources, home, remote, desktop, direct, ipad, ios, direct to desktop, gateway, VPFA, VPFO, AIS, ANCILLARY, EHS, EXTN, FO, FS, HRS, LAW, REO, RMS, RSO, SMS, UAPS, UR,

Introduction This article will demonstrate how to connect to the eduroam network. eduroam (Education Roaming) is a secure, worldwide roaming access service developed for the international research and education community. Having started in Europe, eduroam has gained momentum throughout the research and education community and is now available in 70 territories. eduroam allows students, researchers and staff from participating institutions to obtain Internet connectivity across campus and when visiting other participating institutions by simply opening their laptops. Further, the City of Edmonton has also deployed eduroam services at many of their facilities offering you the ability to be online in many places across the city (or world) using the same wireless network and your UofA CCID credentials Applicability This article applies to any University of Alberta faculty, staff, student, or guest who needs to connect to the eduroam wireless network to access University of Alberta resources or basic Internet access. Please be aware that if you have a University of Alberta Campus Computing ID (CCID), you can connect to eduroam while physically located at a University of Alberta campus.   The following software versions, or better, will be required to connect to eduroam: - Microsoft Windows 8.1, with all the latest Microsoft updates. - Apple MacOS 10.13.6. - Apple iOS 11. - Android version 6.0.1. Procedure If at any time you have difficulty or encounter problems with this process, please call the Staff Service Centre for IT support at 780-492-8000 Ext. 1. Between the hours of 7:30 AM to 6:00 PM Monday to Friday. Using the website here will help you find locations where eduroam is available: https://monitor.eduroam.org/map_service_loc.php You can also use the eduroam Companion app for your smartphone to find locations as well: https://eduroam.org/eduroam-companion-app/ Using a computer 1. Click the wireless status icon on your desktop's system tray. This may be either a fan-shaped icon or a set of ascending bars, typically located near the clock. 2. A list of available wireless networks will appear. Click on eduroam. 3. You will be prompted for a username and password. Enter your CCID@ualberta.ca as your username (all lowercase characters), and your CCID password for your password. Click Connect/OK or whatever option allows you to enter this information and continue. 4. If you are prompted for a security certificate, accept it to continue. 5. Your computer will connect to eduroam. Using a Mobile Device 1. Access your device's settings. 2. In the Wireless or Network section, locate the Wi-Fi option. Make sure it is turned on. 3. Tap the Wi-Fi option. A list of available networks should appear. Select eduroam from the list. 4. You will be prompted for a username and password. Enter your CCID@ualberta.ca as your username (all lowercase characters), and your CCID password for your password. Tap Connect/OK or whatever option allows you to enter this information and continue. 5. Your mobile device will connect to eduroam.   Note* Some Android operating systems and Chromebooks will ask for additional information: EAP Method = PEAP Phase 2 Authentication = mschapv2 CA Certificate = Use System Certificate with the domain 'ualberta.ca'. Domain = ualberta.ca Identity = CCID@ualberta.ca Anonymous Identity = leave blank Password = CCID password For more detailed instructions (including screenshots) on connecting to eduroam from specific devices, please view the following links: eduroam with Windows eduroam with Mac OS X eduroam with iOS eduroam with Ubuntu Linux eduroam with Android and Chromebooks

Introduction This article will demonstrate how to connect to the Guest@UA wireless network. The Guest@UA is a free wireless connection to check email, participate in conferences or browse the web. It is for University of Alberta visitors who do not have a Campus Computing ID (CCID). Note: This is a performance-limited resource and is not intended for those with a valid CCID. Applicability This article applies to guests of the University of Alberta who need to connect to a wireless network to check email, participate in conferences or browse the web. Please be aware that the Guest@UA wireless network is not for members of the University of Alberta who have a Campus Computing ID (CCID) Procedure If at any time you have difficulty or encounter problems with this process, please call the Staff Service Centre for IT support at 780-492-8000 Ext. 1. Between the hours of 7:30 AM to 6:00 PM Monday to Friday. Connecting to Guest@UA 1. Click the wireless connection icon near the clock. Scroll down the list until you find the Guest@UA wireless network, and select it from the list of networks. 2. When you connect to the Guest@UA wireless network your computer will launch a web browser to the University of Alberta Guest wireless service webpage. 3) After you accept the terms of the Acceptable Use Policy you will be presented a screen similar to the image below. Type your email address into the window. An email message will be sent to the email address you provided. 5) The email message sent to you will look similar to the image below. You may need to look in your SPAM folder. Email will be from: uofaguest@ualberta.ca. You must press the Activate Access button to log into the Guest@UA wireless network. 6) If you press the Activate Access button within the 5 minute time limit you will be granted access. Your web browser will automatically be redirected to the University of Alberta homepage. If you fail to press the Activate Access button within the allotted time you will need to reconnect to the Guest@UA wireless network and start the process all over again. Additional Considerations Below are links on how to connect to eduroam, should you have an active University of Alberta CCID. https://universityofalberta.freshservice.com/support/solutions/articles/19000125813

Introduction This article will explain details regarding the different wireless networks available on the University of Alberta Campuses. It will explain which networks are available for use and the security details required to use when joining. Applicability The article applies to anyone on the University of Alberta Campuses wishing to connect to the wireless network. Procedure All wireless network devices MUST support Transport Layer Security (TLS) 1.2 or better IST has tested and can provide assistance for devices running the following Software versions or newer: Microsoft Windows 8.1, with all the latest Microsoft updates Apple MacOS 10.13.6 Apple iOS 11 Android version 6.0.1 Devices running Linux or custom firmware's can be provided best effort support only and devices must support the more specific requirements as defined below for each wireless network. When purchasing equipment for teaching and research please confirm the equipment supports the WPA2-Enterprise security type. If the equipment supports WPA2-Personal only then there is a possibility of the equipment not being able to connect to the University Wireless Network. All wireless networks have client isolation enabled. Client isolation is used to protect devices on the wireless network by preventing devices from communicating directly with each other. Network Name Supported Security Types WPA2/WPA3 Encryption Authentication Protocols Supported Who can use Wireless Frequencies Supported UWS WPA2/WPA3-Enterprise AES(CCMP128) PEAP-MSCHAPv2 All members of University of Alberta with valid Campus Computing ID (CCID) - 2.4 GHz - 5 Ghz - 6 Ghz eduroam WPA2/WPA3-Enterprise AES(CCMP128) PEAP-MSCHAPv2, TTLS Any staff or student from an eduroam-connected organization, which include University of Alberta with valid Campus Computing ID (CCID) - 2.4 GHz - 5 Ghz - 6 Ghz Guest@UA Open (No enforced security) Open (No encryption) Web authentication with email registration All guests visiting the University of Alberta campuses. UofA email addresses are not allowed - 2.4 GHz - 5 Ghz DevNet WPA2 Personal Pre-Shared Key Registered Infrastructure or Research based equipment that is unable to connect to UWS - 2.4 GHz - 5 Ghz AHSRestrict Please contact AHS IT Support for all requirements for this network: https://www.albertahealthservices.ca/about/page12928.aspx Note: We have found that some devices are having difficulty connecting to wifi6 wireless networks, such as eduroam and UWS. This is due to the devices lack of support for Wi-Fi Protected Access 2(WPA2) / Wi-Fi Protected Access 3 (WPA3) transition mode. WPA2/WPA3 Transition mode allows devices which support WPA3 protocol to connect, while allowing older devices to use WPA2 Personal (AES) instead. We advice people to contact their device manufacturer support team to discuss any workarounds and to confirm device is fully updated.

Introduction This article will deal with standards required for connecting devices to the Devnet wireless network. Applicability The article applies to anyone on the University of Alberta Campuses who requires to connect research and infrastructure equipment to wireless, which does not support WPA2/WPA3-Enterprise security and must use WPA-Personal security. Background information The DevNet wireless network exists and is designed to support research and infrastructure focused devices that are incompatible with Enterprise type authentication security protocols. This may include devices such as experimental hardware and sensors that researchers may procure to meet specific needs or building monitoring/control systems in locations sor short periods or in locations not conducive to installing a cable. To provide appropriate security around what fundamentally are IOT devices, DevNet is isolated from the main university network and direct two-way communications are not allowed. DevNet devices must initiate a connection outbound to campus or cloud based services. It's important to clarify that while IST provides the wireless service, it does not supply the devices. Researchers ensure their devices are updated with the latest security patches. Devices must comply with these requirements to avoid being disconnected from the network. All users are required to adhere to the University of Alberta's IT Security Policy. While IST support is available for connectivity issues, the onus remains on the device owner to ensure their devices comply with all security guidelines. Accounts on the DevNet network require renewal/verification annually to ensure that credentials for devices that fall out of use do not remain active for extended periods. Before the expiry date an email will be sent to the ccid of the identified owner to verify the active state of this device and update the password, etc. Device Requirements The device must support WPA2-Personal wireless security. The device must support Transport Layer Security (TLS) version 1.2 or better The device should be upgraded to the latest firmware version from the manufacturer website to present the best chance of compatibility with the wireless network. The device should support both the 2.4 Ghz and 5 Ghz wireless frequency bands. If the device only supports the 2.4Ghz wireless frequency band the service cannot be guaranteed due to the high congestion and interference of the 2.4 Ghz wireless frequency band The DevNet wireless network has client isolation enabled, to prevent one device from communicating with another device directly. The device must be able to be configured and operate independently from other devices like a cell phone. Cloud managed devices are best. Procedure To connect a device to DevNet, researchers must obtain credentials from the IST. Devices require support for WPA-Personal type security to use DevNet. IST will provide per-device or group of device passwords linked to each device’s MAC address. If a device cannot support WPA-Personal security, alternative solutions, such as wired connections, need to be explored as open wireless networks without some form of validation are not permitted. Submit a request on the Service Centre Portal to have the device connected to wireless, https://www.ualberta.ca/en/services/staff-service-centre/index.html. Please have the Make, Model, location of equipment and MAC address of the equipment ready to document in the request. Also document the Research or Infrastructure project this equipment will be associated with IST will create a wireless Pre-Shared Key(PSK) for the device. Configure device to connect to the DevNet wireless network and enter Pre-Shared Key when prompted. DevNet Endpoint Reservation and Expiry https://universityofalberta.freshservice.com/support/solutions/articles/19000109511