As we prepare for more faculty and staff having to work from home, we are getting a lot of questions and confusion about how to use VPN access to do your jobs remotely. This post will attempt to sort all that out.
- What is VPN, anyway? It stands for Virtual Private Network. In our case it’s a piece of software (GlobalProtect) that runs on your computer and connects to the campus firewall, and creates an encrypted connection between your computer and the Baruch network. This connection means that your computer can access resources that are normally only available if you’re actually on campus. For us this is primarily campus desktops (from which you can access share drives) and Baruch and CUNY-specific servers.
- You do NOT need a VPN to access any of the following:
- Baruch email (either through Outlook Web Access or by installing the Outlook client on your home computer)
- The Baruch website
- Any Baruch or CUNY resources available from the “Quick Links” menu on the Baruch homepage, including Blackboard
- Any files stored in Office 365 or Dropbox
- CUNYfirst, except for the reporting instances.
- Access to library databases (this is provided automatically through the links from the Library homepage which are configured to require a Baruch username and password.)
- Videoconferencing solutions available to the campus, including Microsoft Teams (https://teams.microsoft.com/ through Office365), Zoom (https://baruch.zoom.us, use Baruch username and password), or WebEx (https://connectcuny.webex.com, use your CUNY Logon credentials)
- You need the VPN to access:
- Data on your office computer’s hard drive (in the My Documents folder)
- Data on network share drives (usually off the S: drive)
- CUNYfirst reporting instances
- Specific servers that for security reasons are only available from on-campus. This used to apply primarily to technical staff, but there are some academic systems that are not available from off-campus, and in June 2021 we configured HRAssist to only be available from on-campus or the VPN to enhance security.
The VPN is used to connect to your office computer via Remote Desktop Connection. This software comes with most versions of Microsoft Windows, and is available in the Mac App Store, as well as for iOS and Android phones and tablets. (The GlobalProtect VPN software is available for all those devices as well). The instructions for VPN access are available at https://baruch.cuny.edu/vpn. These instructions will work for Macs and PCs, and you will basically be connecting to the VPN portal and downloading the VPN client software and installing it. You can access the VPN from your personal home computer. We do ask that you are using a current version of your operating system and that you have working antivirus software and a firewall (the VPN connection will inform you if you don’t have that when you log in.) Please also note that you may not need the VPN for the full workday if you’re doing work from home, and you can connect and disconnect as needed. While we believe our firewall can handle the additional connections, we may need to conserve resources and bandwidth if we see issues.
We have simplified VPN access and it should be available to users without making a call or email request to the Helpdesk. You should also be able to access your computer via Remote Desktop without BCTC having to do any additional configuration. You will need to know your computer name however. Computer names are usually your room location, a dash, and a 6-digit alphanumeric code. You can get it by looking at your My Computer icon which has a name like “My Computer name is H930-Bxxxxx” (“xxxxx” is a number). You can also go to “Settings/System/Projecting to the PC (or in some versions Remote Desktop)” and reading the address on that page which will be in the format H930-Bxxxxx.bc.baruch.cuny.edu. You should not need the “.bc.baruch.cuny.edu” part but it will work if you type it in.
Remote Desktop Connection computer entry screen
If you’ve logged into the VPN and connected to your computer with Remote Desktop, you may get a few different screens. This one may show up on newer versions of Windows 10:
Dialog asking you to trust your computer for Remote Desktop
You can click “Don’t ask me again” and then “Connect” here.
You will then get a popup about a certificate warning:
Message telling you to accept certificate
You want to click “Don’t ask me again for connections to this computer” This message is because we use internally signed certificates, it does not mean the connection is not secure–it is fully encrypted end-to-end.
You will then get the login screen. Note this is after clicking on the “More Choices” text that you can dimly see here. Also note this is on a computer running Windows 10 in dark mode; other computers might display this box different but it will generally have the same information:
This is where you type in your username and password.
You will need to enter your username as “bc\username” to connect to the Baruch domain, since the computer you’re connecting from isn’t on the Baruch domain. Once you type in your password you will get a popup window (or a full-screen window) and will see a Windows login similar to what you see in the office. You will then get your Windows desktop just like you’re at work:
This is just like you’re in the office!
To discounnect your Remote Desktop session when you’re done, you can either click “Log Out” from the Start menu, or just click the “x” on the upper right corner of the window, which will give you this message:
This is the same as locking your computer but staying logged in.
You can do this, since it’s the same as locking your computer in your office instead of logging out.
Hopefully this post helps demystify some of the VPN process, and will help you use it if you need it. Again, remember that for much of your work-at-home work you won’t need a VPN at all. And as always the BCTC Helpdesk can answer questions, and can work with you on a remote support session to help configure your home computer for VPN and Remote Desktop, as well as help you find your office computer name to connect.
