Skip to content Skip to main navigation Report an accessibility issue

OIT News

Upcoming change to the VPN

Pulse Secure logo

On July 1, 2020, OIT will be changing how you log in to the Virtual Private Network (VPN), We are upgrading authentication to use the Central Authentication Service (CAS).  

When you log in to the VPN via the browser or the Pulse Secure app, you will be presented the same CAS authentication screen used by most UTK applications, including MyIRIS and MyUTK. If your account is enabled for two-factor authentication, you will need to approve the Duo login to access the VPN. 

What you need to know  

Default Windows client and Windows Store Client

  • These clients do not support two-factor authentication.  
  • Install the Pulse Secure client from the OIT Software distribution site to continue to use the VPN after the upgrade.

Pulse Secure 

  • Make sure you install the latest version of the Pulse Secure client from the OIT Software distribution site.
  • 2FA 7-day Remember Me Option: 
    • The Windows Pulse Secure client will cache credentials and honor the 7-day Remember Me option.  
    • The Mac Pulse Secure client does not cache credentials or honor the 7-day Remember Me option. You must enter your NetID and Password and two-factor each time you log in. 
  • Pulse Secure supports Duo Push and Passcodes but does not work with Yubikeys.  
  • Logins are good for 24 hours before you must re-authenticate to the VPN.  

Automated Workflows  

Automated workflows are not compatible the Central Authentication Service (CAS).

If you are currently using automated workflows, please let us know how you are using them, and which account is performing the authentication request. Submit the information online at   

For Linux  

You have multiple options for connecting to the VPN:  

  1. Pulse Secure client. The Pulse Secure client is available as a .deb and .rpm. OIT recommends the newest version of the client, 9.1R5, available from the OIT Software distribution site.  
  2. OpenConnect. OpenConnect is available via most OS package managers; however, a wrapper must be installed to extract the cookie after login. Download the wrapper from GitHub; the instructions are available in the README.  

If you have any questions or need assistance setting up your VPN connection, please contact the OIT HelpDesk.