Client Services Support, AITS 2FA VPN Connection (Windows SSTP for Duo Tokens)

If you have been granted access to the AITS VPN, these instructions will allow you to set up the VPN connection on a non-university owned device. (This article is intended for employees supported by Client Services Support)

SSTP Windows Setup Documentation (for Tokens)

Right-click Start -> Network connections -> Network and Sharing Center

Fromthelast30days

Nsc

Select Connect to a Workplace


Snc
Hc

ww


Note: The Internet address shown below should be "aitsras1.aits.uillinois.edu" for the Urbana VPN, or "aitsras2.aits.uillinois.edu" for the Chicago VPN.
saddr

Right-click Start -> Network Connections -> Change adapter options -> Right click AITS Urbana 2FA -> Properties

saddr


Networking tab -> Internet Protocol Version 4 (TCP/IPv4) -> Properties -> Advanced -> Use default gateway on remote network

Adv

When connecting to the VPN: For your password, enter your password followed by a comma followed by pressing the Yubikey or typing the token's code.

To set your Duo default device, visit https://verify.uillinois.edu/classicManage.

Edit the VPN settings to not use the VPN credentials when authenticating to network servers. This setting is not exposed through Windows' UI, so you need to locate the .pbk file associated with your VPN connection (%AppData%\Roaming\Microsoft\Network\Connections\PBK\rasphone.pbk for user VPNs) or (%ProgramData%\Microsoft\Network\Connections\Pbk\rasphone.pbk for system VPNs).

1. Right click on the VPN's .pbk file and open it with Notepad. (Remember to untick 'Always use this program for this file type')
2. Find the profile for the connection you are configuring to use with the Token
3. Roughly 5 lines down will be an entry 'UseRasCredentials=1'
4. Change this to 'UseRasCredentials=0'
5. Save the file.

Optional:
Update the registry to allow 60 seconds for password entry (default is 30)
HKLM\SYSTEM\CurrentControlSet\Services\RasMan\PPP\MaxConfigure=60




Keywords:AITS, VPN, Client Services, system office, windows   Doc ID:113749
Owner:Christopher B.Group:University of Illinois System
Created:2021-09-17 15:34 CSTUpdated:2021-10-12 07:43 CST
Sites:University of Illinois System
Feedback:  1   0