2factor VPN (Win) - Installing AnyConnect VPN client on Windows

The 2factor VPN service uses the Cisco AnyConnect VPN Client to establish its tunnel. This document explains how to install that VPN client on Windows.

This document relates to the 2factor (OCIS) VPN service which is provided by the Office of Cybersecurity for users who need VPN access for interacting with highly sensitive data. It should not be confused with the more general WiscVPN service, which is available to all UW-Madison students, faculty, and staff with a valid NetID.


The AnyConnect VPN client is known to work with Windows 2000 SP4, Windows XP SP2 or later, and Windows Vista. Both 32-bit and 64-bit processors are supported for Windows XP and Windows Vista.

Installation instructions

Installing and verifying the UW Digital ID certificate

  1. Confirm that you have obtained and subsequently installed your user UW Digital ID certificate in the Microsoft Certificate Store. Instructions for importing your certificate can be found at UW Digital ID (Win) - Installing your Digital Certificate.
  2. You can verify that the UW Digital ID certificate is installed properly by following the steps given in UW Digital ID (Win) - Verifying Proper Installation of Your Digital Certificate.

Once the UW Digital ID certificate has been installed, the AnyConnect VPN client can be installed via a web browser. The client can be installed in Internet Explorer via ActiveX (the standard method) or via a Java applet in other modern browsers.

ActiveX installation

  1. Open Internet Explorer and go to https://2factor.services.wisc.edu
  2. Internet Explorer should display a dialog box showing your certificate. Click OK

    Confirm this certificate by clicking okay.

  3. Read the disclaimer and click Continue

    Authorized users only. Actual or attempted unauthorized use of this computer system may result in criminal and/or civil prosecution or University disciplinary action.

  4. The application will first attempt to install the AnyConnect VPN client using an ActiveX control. A popup may appear warning you that an "information bar" has appeared, as shown below. If this appears, click Close

    Did you notice the information bar?

  5. Right-click on the information bar at the top of the page and click Install ActiveX Control...

    This website wants to install the following add-on: AnyConnect VPN Client

  6. You will then receive an additional warning asking whether you want to install vpnweb.cab. Click Install.

    Do you want to install this software?

  7. The installation should then proceed. Once it's complete, the VPN tunnel should then be established as shown below.

    Connection Established

Java-based installation

If Internet Explorer cannot run the ActiveX control "vpnweb.cab" run or if you are using another browser besides IE, the application will try to instead install the AnyConnect VPN client using a Java applet.

  1. Click Run when prompted to run the Java applet.

    The application's digital signature has been verified. Do you want to run the application?

  2. The VPN Client Downloader should appear, as below, to download and begin the installation of the AnyConnect VPN Client.

    The installer is setting up the AnyConnect application. This could take a moment. Please wait...

  3. A Windows Installer window should automatically appear. When it has finished installing, the VPN tunnel should be established.

Additional Notes

  • You can learn the IP address that you were assigned by double clicking the AnyConnect icon in the system tray and finding the "Client Address:" displayed.
  • You can start the AnyConnect client in the future by access https://2factor.services.wisc.edu with Internet Explorer or directly under the Cisco/AnyConnect Client/AnyConnect Client via the Start Menu (faster). When started, you may be prompted for a Username and Password, enter your netid for both. Please do not enter your netid password as it will not work.

Keywords:2factor OCIS VPN AnyConnect Any Connect Cisco Virtual Private Network windows 2000 xp vista win   Doc ID:12638
Owner:Gary F.Group:Office of Campus Information Security
Created:2009-11-11 19:00 CDTUpdated:2015-10-02 10:29 CDT
Sites:DoIT Help Desk, Office of Campus Information Security
Feedback:  9   3