Notice: Information and plans for upcoming academic terms. Learn more.

University of Regina Logo

Information Services

Configuring VPN Clients

Computing Services Technote #569 v9

Title: Configuring VPN Clients for UofR Secure Connection
Applies to: VPN users
Section: Network
Owner: Network Analyst, Network & Communication Services
Last updated: September 1, 2020

Introduction

A virtual private network(VPN) creates an encrypted connection to the UofR network which allows your computer to appear as though it is "on campus" even though it is not. This allows services that are not available from off-campus due to firewall security rules, to be accessed from anywhere in the world.

Only traffic destined to the UofR will flow through the VPN connection - regular internet browsing will not. This note describes the configuration of VPN Clients so that you can securely tunnel to the University of Regina campus from off-campus.

VPN Modes

There are two ways to use the VPN:
  1. Web-only Mode - The VPN connection is all handled by the web browser so no additional software is needed. It is primarily limited to typical websites accessible over http or https. Websites using a non-standard port number like https://somesite.test:8080/ will likely not work.
  2. Tunnel mode -  This allows any website, protocol, or service to be accessed but required the installation of a VPN client. 

Web-only Mode Configuration

To connect to a web site complete the following:

  • open a web browser and connect to https://vpn.uregina.ca/ and login with your uregina.ca username and password. You will then see a screen like:

VPN Web Only Mode

  • Click on the Quick Connection button and past the website address into the URL text box(example below) and click Launch
    VPN Web Only Mode
  • A new window or Tab will open in your browser where you can now access the internal UofR website over a secure VPN connection.

If you regularly access a site you can create a bookmark on the main VPN page by clicking on the +New Bookmark button and then filling in the bookmark info. The name is what is displayed for the bookmark when you login and the URL is the web site address. The description is optional.  Once you have created a bookmark you can just click on the icon to access the website. The screenshot below illustrates creating a bookmark for FAST

VPN Web Only Mode

If the application uses an html based login and the same uregina.ca username/password you used to login to the VPN you may be able to set SSO(single sign-on ) to Automatic for your bookmark to have your login username and password passed automatically to the web page. Whether this work depends on the details of the web page so just give it a try and it if doesn't work you can always disable it. If it does work and the application returns you to the login page when you logout beware that the VPN will automatically login you in again. To prevent this, close the web browser tab/window after you logout.


Tunnel Mode

For support for all protocol/service types(for example web sites on non-standard ports) installation of a VPN client is required. Instructions are provided below for Windows, MacOS, IOS, and Android systems

Windows 8/10 Fortinet SSL VPN Client Installation/Configuration

Installation

  1. Log in to your Windows system as administrator - this is necessary for the initial installation of the Fortinet SSL Client.
  2. Open an internet browser and type in https://vpn.uregina.ca/ in the address bar. At the "Please Login" prompt enter your uregina.ca username and password.
  3. Now you will be in the SSL-VPN Portal web page. Click the "Download FortiClient" box in the top left and then choose "Windows".
  4. This will take you to the FortiClient Download webpage http://forticlient.com/#download
  5. Click "Download" to the right of the page.
    VPN Tunnel Mode Mac
  6. Click the box "Download for Windows" under "FortiClient VPN".
    FortiClientVPN.png
  7. Save the FortiClientOnlineInstaller.exe
  8. Click the "Run" button and then install the FortiClient by accepting the "License Agreement" and then clicking "Next".
    VPN Tunnel Mode
  9. Click "Install" to install the FortiClient on your windows computer.
    VPN Tunnel Mode

    

 

Configuration

  1. Open the FortiClient by clicking Start | FortiClient | FortiClient. If you use the VPN frequently you may want to create a shortcut on your Desktop (drag FortiClient and drop it on the Desktop to create a shortcut).
  2. This version of Forticlient is much simpler and easier to use and doesn't come cluttered with older add-ons.
    VPN Tunnel Mode

  3. Click on the checkbox to acknowledge the terms and conditions of use of the software.
    VPN Tunnel Mode
  4. Click "Configure VPN"
    VPN Tunnel Mode
  5. At the top choose "SSL-VPN"
  6. Connection Name: UofR SSL-VPN
  7. Description: UofR SSL-VPN
  8. Server Remote Gateway https://vpn.uregina.ca
  9. Authentication: Prompt on the login
  10. Client certificate: Set to 'None'
  11. Do not Warn Invalid Server Certificate: <leave it unchecked>
  12. Click "Save" to save changes
    VPN Tunnel Mode
  13. Enter your username and password then click "Connect"
    VPN Tunnel Mode
  14. Once configured a menu appears in the menu bar that allows you to easily connect/disconnect:
      vpn-logged in page
  15. Now you are securely connected to the U of R network, and your computer will behave as though it is "on campus". This connection will allow you to securely access applications that are restricted to on-campus use like FAST and URDocs.
  16. When you are done using the VPN to connect to the UofR, you can switch to the FortiClient program and click "Disconnect".


macOS VPN Configuration

* Please note, if your macOS version is older than 10.8 (Mountain Lion), you will not be able to run the FortiClient installer.  Please upgrade your macOS version to use FortiClient VPN.

Installation

  1. Open an internet browser and type https://vpn.uregina.ca/  into the address bar. At the "Please Login" prompt enter your uregina.ca username and password.
  2. Now you will be in the SSL-VPN Portal web page. Click the "Download FortiClient" box in the top left and choose "Mac".
  3. This will take you to the FortiClient Download webpage http://forticlient.com/#download
  4. Click "Download" to the right of the page.
    VPN Tunnel Mode Mac
  5. Click the box "Download for MacOS" under "FortiClient VPN".
    FortiClientVPN.png
  6. In your Downloads folder, double-click FortiClientOnlineInstaller.dmg
  7. In the open window double-click, FortiClientUpdate.app and the download of the client will start. Click install once the download has completed.
    VPN Tunnel Mode Mac
    1. In the Welcome window, click continue.
    2. In the License window, click Continue, then Agree
    3. In the Installation Type window click the Install and enter your Mac administrator password and click Install Software
    4. In the summary, windows click Close.

Configuration

  1. Startup the FortiClient.app found in your Applications folder. 

  2. This version of Forticlient is pretty straightforward to click on "Configure VPN".
    VPN Tunnel Mode Mac

  3. Enter the following in the FortiClient SSL VPN window:

    1. Connection Name/Description/Remote Gateway: vpn.uregina.ca
    2. User name: <your uregina.ca username>
    3. Password: <leave blank to be prompted or enter the password to save it>
      VPN Tunnel Mode Mac
  4. Click Save.
  5. Enter your uregina.ca username/password and click Connect to start the VPN connection.
    macvpn
  6. Please note the "System Extension Blocked" notification may appear on certain versions of macOS older than Catalina 10.15, but this doesn't affect the functionality.
  7. Once successfully connected a Disconnect button will appear on the window. You can minimize the window to the dock or close it.
    macvpn6

  8. Once configured a menu appears in the menu bar that allows you to easily connect/disconnect:
    VPN Tunnel Mode Mac
  9. Now you are securely connected to the U of R network, and your computer will behave as though it is “on campus”.  This connection will allow you to securely access applications that are restricted to on-campus use like FAST and URDocs.
  10. To disconnect click the VPN applications icon in the dock and select disconnect



iOS (iPhone/iPad) VPN Configuration

  1. On your iOS device, open the App Store and search for 'FortiClient'. Download the App and tap Open.
  2. Tap Connections.
    mac01
  3. Tap Add Configuration.
    mac02
  4. Enter the following information:
    1. Name: vpn.uregina.ca
    2. Host: vpn.uregina.ca
    3. Port: 443
    4. User: (uregina.ca username)
    5. Password: (uregina.ca password)
    6. Tap Save in the upper right corner.
      mac03
  5. Tap the just created VPN connection - a checkmark will appear beside it. Then tap Done.
    mac04
  6. Turn on the VPN connection by the slider next to the VPN at the top. The status will display Connected if successful and the timer will begin to count the connection duration.
    mac05
  7. Now you are securely connected to the U of R network, and your device will behave as though it is “on campus”.  This connection will allow you to securely access applications that are restricted to on-campus use like FAST, DOME, and URDocs.
  8. When you are finished using VPN, simply slide the VPN slider at the top back to the left.

Android

  1. Download and install the FortiClient VPN from the Google Play Store
  2. Launch the app. It may warn that Android 4.4.3 is required and warn that an error will occur for earlier versions but the app will still install (worked on 4.4.2)
  3. You will be prompted to enter VPN configuration information:
    1. VPN Name: UofR SSL VPN
    2. VPN Type: SSL VPN
    3. tap Create and enter the following:
      1. Server: vpn.uregina.ca
      2. Port: 443
      3. Username: <your uregina.ca username>
      4. Password: <your uregina.ca password>
      5. Auto Connect: Enabled
      6. Certificate: leave unchanged
      7. Check server certificate: Enabled
      8. now tap the Back button
    4. Tap Connect.
  4. You will get a message "Fortinet VPN is attempting to create a VPN connection". Tap to check I trust this application and tap 
    OK.
  5. A message will be displayed: "This site certificate is not trusted, proceed anyway?" tap Proceed.(NOTE: IS is investigating why Android is not trusting the purchased certificate for vpn.uregina.ca - it is normally a bad idea to trust untrusted certificates)
  6. To close the VPN, launch the FortiClient VPN app and click Disconnect.
  7. To start the VPN in the future, launch the FortiClient VPN app and select the UofR SSL VPN and tap Connect


Revision History

v0, 2013-02-25, Initial version
v1, 2014-05-12, Add MacOS instructions and link
v2, 2014-12-30, Switched Windows/Mac instructions to use FortiClient SSLVPN
v3, 2015-03-19, Enhanced/clarified wording/pictures based on IT Support feedback.
v3, 2015-03-20, Added Android instructions. Thanks go to the desktop support group.
v4, 2015-11-03, Changed Android instructions to indicate only vpn.uregina.ca should be entered (not https://vpn...)
v5, 2016-06-14, Added Windows 10 as working for VPN client
v6, 2017-12-02, Changed macOS instructions to Fortinet Client
v7, 2018-01-02, Changed iOS instruction to Fortinet Client
v8, 2019-07-16, updated Windows/macOS installation and user interface guide for Forticlient 6.2
v9, 2020-09-01, updated Windows/macOS installation and user interface guide for Forticlient 6.4