Difference between pages "MCLA Multi-Factor Authentication for Email and Microsoft Office 365 Access" and "MCLA Remote Access (Windows)"

From TechHelp@MCLA
(Difference between pages)
Jump to: navigation, search
(Step 2 - Setup)
 
(Download and Install Sophos Connect Client)
 
Line 1: Line 1:
Multi-Factor authentication (a.k.a. MFA) is a security method to help better protect email accounts and Office 365 access by adding a layer of protection to the sign-in process. In addition to entering a password, this added security requires users to approve their sign-ins using a mobile device or telephone. This way if a user account password is somehow exposed, the account can stay protected by the second factor that is required to gain access.
 
  
All MCLA accounts will soon have MFA turned on. MFA will not be required when signing on to the main MCLA Portal, but will appear when accessing any Microsoft related services that MCLA has available, such as email, teams, and sharepoint. This documentation will walk you through how to prepare for the use of this security requirement and provide guidance on usage.
+
If you are using Mac OS, please refer [[MCLA_Remote_Access_(MacOS)| to these instructions instead]].
  
==Step 1 - Prepare==
+
=='''Description'''==
 +
For various reasons pertaining to security, certain services within the MCLA network are protected from direct access to the Internet.  Access to these resources from other networks requires special software to provide a secure “tunnel” from your computer.  MCLA employs an SSL VPN to provide this function and this document explains how to access, install and use this tool for Windows based machines.
  
We recommend you follow this checklist to prepare for the account security transition to MFA. These steps can be completed anytime, but its best to do before MFA is turned on for your account.
+
=='''Download and Install Sophos Connect Client'''==
  
* Review the "[https://support.microsoft.com/en-us/topic/what-is-multifactor-authentication-e5e39437-121c-be60-d123-eda06bddf661 What is: Multifactor Authentication]" Microsoft article.
+
*1. Before you start, ensure you do not have the outdated "Sophos SSL VPN" client installed. If you do, please follow these steps to uninstall:
* [https://www.microsoft.com/en-us/security/mobile-authenticator-app Download the Microsoft Authentication App] on your [https://play.google.com/store/apps/details?id=com.azure.authenticator Android] and [https://apps.apple.com/app/microsoft-authenticator/id983156458 Apple IOS phone].  
+
**a. Select Start , then select '''Settings  > Apps > Apps & features'''.  
* Confirm that your security information is updated and complete. To check login to https://aka.ms/mfasetup. You will want to ensure you have setup your primary phone, office phone and/or alternate phone as a security method. This is helpful in the event you don't have access to your mobile phone, the other phones you specify can be used to sign you in.
+
**b. Select the the 'Sophos SSL VPN' application in the list and then select '''Uninstall'''.
 +
*2. Download the VPN software (Sophos Connect) which is located here: [https://mcla.sharepoint.com/sites/DesktopSupport772/_layouts/15/download.aspx?UniqueId=be08b547%2D68e2%2D47e0%2D8426%2D5fac2617e9e8 Sophos Connect].
 +
*3. Open the installer once downloaded and complete the client installation.
 +
*4. Login to https://mclautm.mcla.edu using your A# and password. [[https://techhelp.mcla.edu/index.php/Setup_Microsoft_Authenticator_App_for_MCLA_VPN_Access MFA code may be required]].  
 +
*5. Once logged in select the '''Remote Access''' link on the page.  
 +
*6. Click the download button next to the description "'''Click here to download the configuration file to set up SSL VPN on Linux, MacOS X, BSD or Solaris.'''" '''Download''' and '''Save''' the .opvn file.
 +
*7. Open the Sophos Connect software, click the ''''Import Connection'''' option
 +
*8. Navigate to the .opvn file that you saved, select it and click ''''Open''''. This will import the VPN server connection information.
  
==Step 2 - Setup==
+
=='''Connect to the VPN using Sophos Connect Client'''==
  
MCLA IT will notify you when MFA will be turned on for your account. After its been turned on, [https://support.microsoft.com/en-us/office/set-up-your-microsoft-365-sign-in-for-multi-factor-authentication-ace1d096-61e5-449b-a875-58eb3d74de14 follow these steps in this link] to setup your account to work with MFA. 
+
*1. Open the Sophos Connect software by either selecting it in your start menu or system tray
 
+
*2. Confirm that the 'mclautm.mcla.edu' server connection is selected then click 'Connect'
*[https://support.microsoft.com/en-us/office/set-up-your-microsoft-365-sign-in-for-multi-factor-authentication-ace1d096-61e5-449b-a875-58eb3d74de14 Set up your Microsoft 365 sign-in for multi-factor authentication]
+
*3. Type in your A number and password. MFA code may be required.
 
+
*4. Connection status will show a green click mark when successfully connected to the VPN
*'''Important Note''': During the setup process you'll be asked what your preferred authentication method is. The most convenient method is to approve sign-ins using notifications served through the Microsoft authenticator app. To set this, select "'''Notify me through app'''" as the default verification option and check the box next to "'''Authenticator app or Token'''", You can then select "'''Set Up Authenticator App'''" to proceed with how to configure the Authenticator app on your phone.
 
 
 
[[image:MFAOptions.png]]
 
 
 
==Step 3 - Use and Manage==
 
Its important to note that when MFA is turned on - all access sign ins to Office 365 services will require the use of it. This includes access to MCLA Email, Microsoft Teams and Sharepoint/OneDrive. To ensure you don't lose access to your account, you should remember to [https://aka.ms/mfasetup update your security information] whenever you change your phone number. Here are some additional resources we recommend you review to help enhance your experience with using MFA by learning more about the different security methods you can setup and how to effectively manage them.
 
 
 
*[https://support.microsoft.com/en-us/account-billing/sign-in-to-your-work-or-school-account-using-your-two-step-verification-method-c7293464-ef5e-4705-a24b-c4a3ec0d6cf9 Using your two-step verification methods]
 
*[https://support.microsoft.com/en-us/account-billing/common-problems-with-two-step-verification-for-a-work-or-school-account-63acbb9b-16a1-47b9-8619-6a865e8071a5 Common Problems with two step verification methods]
 
*[https://support.microsoft.com/en-us/account-billing/back-up-and-recover-account-credentials-in-the-authenticator-app-bb939936-7a8d-4e88-bc43-49bc1a700a40 Backup and Recover your credentials with Authenticator App]
 

Revision as of 20:09, 21 March 2022

If you are using Mac OS, please refer to these instructions instead.

Description

For various reasons pertaining to security, certain services within the MCLA network are protected from direct access to the Internet. Access to these resources from other networks requires special software to provide a secure “tunnel” from your computer. MCLA employs an SSL VPN to provide this function and this document explains how to access, install and use this tool for Windows based machines.

Download and Install Sophos Connect Client

  • 1. Before you start, ensure you do not have the outdated "Sophos SSL VPN" client installed. If you do, please follow these steps to uninstall:
    • a. Select Start , then select Settings > Apps > Apps & features.
    • b. Select the the 'Sophos SSL VPN' application in the list and then select Uninstall.
  • 2. Download the VPN software (Sophos Connect) which is located here: Sophos Connect.
  • 3. Open the installer once downloaded and complete the client installation.
  • 4. Login to https://mclautm.mcla.edu using your A# and password. [MFA code may be required].
  • 5. Once logged in select the Remote Access link on the page.
  • 6. Click the download button next to the description "Click here to download the configuration file to set up SSL VPN on Linux, MacOS X, BSD or Solaris." Download and Save the .opvn file.
  • 7. Open the Sophos Connect software, click the 'Import Connection' option
  • 8. Navigate to the .opvn file that you saved, select it and click 'Open'. This will import the VPN server connection information.

Connect to the VPN using Sophos Connect Client

  • 1. Open the Sophos Connect software by either selecting it in your start menu or system tray
  • 2. Confirm that the 'mclautm.mcla.edu' server connection is selected then click 'Connect'
  • 3. Type in your A number and password. MFA code may be required.
  • 4. Connection status will show a green click mark when successfully connected to the VPN
Retrieved from "https://techhelp.mcla.edu/index.php?title=MCLA_Multi-Factor_Authentication_for_Email_and_Microsoft_Office_365_Access&oldid=6879"