USHER Transition - Required VPN Setting Changes

The change to update our UVa Digital Certificate infrastructure to use the new Internet2 US Higher Education Root (USHER) Certificate Authority has resulted in the need to make a minor change to the VPN Client Connection Entry configuration on end user workstations. This change can be made at any time but should be completed before you try to use your first new certificate.

The screen captures below are from the Cisco VPN client running on a Windows XP machine. The process is the same for the Mac OS X client.

Instructions

  1. Open the Cisco VPN Client
  2. Highlight/Select the UVa-Anywhere Connection Entry with your mouse by single-clicking on the entry. Next, click the Modify button as shown to pull up the edit screen.
    XP Cisco VPN Client main window.
  3. Uncheck the Send CA Certificate Chain check box. And then click the Save button.
    XP Cisco VPN set connection entry to not send CA certificate chain.
  4. Repeat the process (Steps 2 and 3) for the UVa-More-Secure-Network and UVa-More-Secure-Network-Special-Relogin Connection Entries.

© 2008 by the Rector and Visitors of the University of Virginia.

The information contained on the University of Virginia’s Department of Information Technology and Communication (ITC) website is provided as a public service with the understanding that ITC makes no representations or warranties, either expressed or implied, concerning the accuracy, completeness, reliability or suitability of the information, including warrantees of title, non-infringement of copyright or patent rights of others. These pages are expected to represent the University of Virginia community and the State of Virginia in a professional manner in accordance with the University of Virginia’s Computing Policies.