Update: The VPN will soon prompt for user verification in its own browser window instead of your default browser.

Please note: If you are a student looking for VPN instructions you can find them at port.ac.uk/it

You are advised that the use of a currently supported operating system with an up to date antivirus/malware product is required for connecting to any University network including the VPN.

Signing into the VPN

In order to sign into the VPN you will now need to use multi-factor authentication (MFA) using a Time-based One Time Password (TOTP) each time you log in. This involves being sent a code via a secure method to ensure that only you are able to sign in using your login details. These password are only usable for a limited time and you will probably be familiar with this method when signing into your bank or other websites.

 

Using the Staff VPN on Windows

If you do not already have the VPN app (GlobalProtect VPN) installed on your device you will need to download and install it, following the instructions for Option 1. If you already have the app you should follow the instructions for Option 2.

If you already have the GlobalProtect VPN app installed, go to option 2.

  1. Please go to staff.vpn.port.ac.uk.
  2. Sign in with your staff username and password.
  3. You will be asked to enter a One-Time Authentication Code. This will be sent to your contact method of choice.
  4. Type in this code and click Next.
  5. You will be presented with download options, pick the one that matches your operating system, download and install it.
  6. Open the VPN from the icon tray, clicking the up arrow and selecting the globe icon.
  7. When you first open the VPN you will be asked to enter a portal address. Enter staff.vpn.port.ac.uk.
  8. Go to step 3 to connect to the VPN.

After installing for the first time or reconfiguring the VPN, you can connect:

  1. Open the VPN from the up arrow in the Icon Tray and click Connect.
  2. A browser window will open asking you to sign in, use your staff username and password e.g. bloggsj.
  3. You will be asked to enter a One-Time Authentication Code. This will be sent to your contact method of choice.
  4. Type in this code and click Next.
  5. The first time you connect this window will close and you can confirm that you have connected successfully from the globe icon in the icon tray. The next time you connect the authentication screen will open with your default browser. There may be additional checks to allow the browser to work with the VPN. Please accept/allow these browser requests.

 

Using the Staff VPN on macOS

If you do not already have the VPN app (GlobalProtect VPN) installed on your device you will need to download and install it, following the instructions for Option 1. If you already have the app you should follow the instructions for Option 2.

If you already have the GlobalProtect VPN app installed, go to option 2.

  1. Please go to staff.vpn.port.ac.uk.
  2. Sign in with your staff username and password.
  3. You will be asked to enter a One-Time Authentication Code. This will be sent to your contact method of choice.
  4. Type in this code and click Next.
  5. You will be presented with download options, pick the one that matches your operating system, download and install it.
  6. Open the VPN from the Finder bar, when you first open the VPN you will be asked to enter a portal address. Enter staff.vpn.port.ac.uk.
  7. Go to step 3 to connect to the VPN.

After installing for the first time or reconfiguring the VPN, you can connect:

  1. Open the VPN from the Finder bar and click Connect.
  2. A browser window will open asking you to sign in, use your staff username and password e.g. bloggsj.
  3. You will be asked to enter a One-Time Authentication Code. This will be sent by default to the email address you provided when you registered with the University.
  4. Type in this code and click Next.
  5. The first time you connect this window will close and you con confirm that you have connected successfully from the globe icon in the Finder bar. The next time you connect the authentication screen will open with your default browser. There may be additional checks to allow the browser to work with the VPN. Please accept/allow these browser requests.

Using the Staff VPN on iOS

  1. Open the App Store on your iOS Device

  2. Search for Global Protect

  3. Find the GlobalProtect App and select Install. When installed, open the app.

  4. Login with the portal address staff.vpn.port.ac.uk and your staff username and password e.g. BloggsJ

  5. Enter your One-Time Authentication Code sent to your personal email or mobile phone.

  6. There may be a prompt asking you to allow the set up of a VPN configuration. Click Allow

  7. You will now be connected to the VPN and will remain connected until you disconnect or until you turn off your device.

You can return to the GlobalProtect App to disconnect and reconnect to the VPN.

Using the Staff VPN on Linux

It is assumed you'll be familiar with using the command-line in order to set up the VPN. Once connected to the VPN you'll be able to access University resources such as SSH or the intranet in the same way as though you were on campus.

  1. Please download the archive file: PanGPLinux-5.2.6-c18.tgz
  2. Open a terminal (ensure you are a superuser e.g. root, or use the sudo prefix). Untar the archive file. 
  3. This archive file supports both Redhat/CentOS and Debian/Ubuntu Linux operating systems and other platforms and contains the following files:

    ./GlobalProtect_deb-5.2.6.0-18.deb
    ./GlobalProtect_deb_arm-5.2.6.0-18.deb
    ./GlobalProtect_rpm-5.2.6.0-18.rpm
    ./GlobalProtect_rpm_arm-5.2.6.0-18.rpm
    ./GlobalProtect_tar-5.2.6.0-18.tgz
    ./GlobalProtect_tar_arm-5.2.6.0-18.tgz
    ./GlobalProtect_UI_deb-5.2.6.0-18.deb
    ./GlobalProtect_UI_rpm-5.2.6.0-18.rpm
    ./GlobalProtect_UI_tar-5.2.6.0-18.tgz
    ./manifest
    ./relinfo

    Select the file relevant to your Linux OS. Our recommendations are as below:

    Debian/Ubuntu Linux 
    GlobalProtect_UI_deb-5.2.6.0-18.deb

    Redhat/CentOS Linux
    GlobalProtect_UI_rpm-5.2.6.0-18.rpm

  4. Use the following command to install yum localinstall GlobalProtect_UI_rpm-5.2.6.0-18.rpm

  1. Once installed a small Icon in the top Menu bar will appear and a Welcome to GlobalProtect entry display will pop up instantly asking to enter the Portal address for connection. Enter: staff.vpn.port.ac.uk and click Connect.
     
  2. A browser window will open asking you to sign in with you student username and password e.g up1234567
     
  3. You will be asked to enter a One-Time Authentication Code. This will be sent by default to the email address you provided when you registered with the University. Type in this code and click Next.

You will now be connected to the VPN

You can confirm that you have connected successfully from the globe icon in the menu bar. The next time you connect the authentication screen will open with your default browser. There may be additional checks to allow the browser to work with the VPN. Please accept/allow these browser requests. If the connection appears to be slow, click the 'click here' link in the 'Authentication Complete' browser notification.

Using the Staff VPN on ChromeOS

This method requires access to the Android Play Store. Find out if your Chromebook supports Android apps.

  1. Open the Play Store on your ChromeOS Device
  2. Search for Global Protect
  3. Select the Global Protect App and select Install. When installed, open the app. .
  4. For the Portal Address type: staff.vpn.port.ac.uk.
  5. Enter your Staff username and password e.g. BloggsJ
  6. Enter your One-Time Authentication Code sent to your personal email or mobile phone.
  7. Note: when you connect for a second time, you will see a prompt from your browser asking you to allow the GlobalProtect app to interact with it. Allow this as failing to do so will stop the VPN working..
  8. You will now be connected to the VPN and will remain connected until you disconnect or until you turn off your device/put it to sleep.

You can return to the GlobalProtect App to disconnect and reconnect to the VPN 

Adding other authentication methods

If you would like to have other options to use as for multi-factor authentication, you can add the following additional methods:

  1. Visit secure.port.ac.uk.
  2. Sign in with your staff username and password and click Sign in.
  3. Enter your one time code sent to your registered mobile phone number.
  4. Click Add then select Use an authenticator app.
  5. Click the Get QR code button.
  6. If you do not already have the Microsoft Authenticator App you will need to download from your app store.
  7. Open the app and click Scan a QR code to create a new setup. If you have used this app previously, you can add a new entry by choosing the 3 dot menu at the top of the page and tapping Add account then choose Work or school account then Scan a QR code.
  8. Scan the QR code shown on your screen using the Scan a QR code on your device.
  9. An entry called Netiq will be added, you will use this option to get your one time code in furture. If you have biometrics (fingerprint reader) enabled you may be asked if you would like to use this in future.

  1. Visit secure.port.ac.uk.
  2. Sign in with your staff username and password and click Sign in.
  3. Enter your one time code sent to your registered mobile phone number.
  4. Click Add then select Use an authenticator app.
  5. Click the Get QR code button.
  6. If you do not already have the Google Authenticator app you will need to download from your app store.
  7. Open the app and click + to create a new setup.
  8. Scan the QR code shown on your screen using the Scan a QR code on your device.
  9. An entry called Netiq will be added, you will use this option to get your one time code in furture. If you have biometrics (fingerprint reader) enabled you may be asked if you would like to use this in future.

Troubleshooting

If you do not recognise or have access to the email address that is used for your one-time code, you will need to update your email address used in Staff Records.

Ensure you have the Authenticator option selected at the bottom on the screen, not the password option.

Disconnect and try again. You can also select the Click here link on the Authentication Complete web page.

Reboot your computer.

Setting IPv6 to manual sometimes fixes this issue. If you are not familiar with the network settings on macOS, contact us using the details at the top of this page.

Only one Authenticator App can be used for MFA on the VPN at a time. You can add or remove MFA methods (see below).

You can add or delete MFA methods at secure.port.ac.uk. To delete a MFA method, click the MFA option you would like to remove and click the trash can to delete.

All one time codes have time limits for which they are valid, obtain another code and ensure it is entered before it becomes invalid:

  • Email - 10 minutes.
  • Authenticator app - 30 seconds.
  • Text message - TBC.

This sometimes happens when using an authenticator app, we are currently investigating why this happens, let us know you have this error and use another MFA method.

For help regarding this article contact IT Support.