ServiceVPN - Virtual Private Network

Encrypted and secure access to the University network on the go

With VPN technology, you can establish an encrypted connection (remote access) to the Heidelberg University’s internal network from anywhere in the world. Especially when you are on the go and using unencrypted Wi-Fi hotspots or when you are working from home, you can use the VPN to make an encrypted, secure connection. Additionally, the VPN enables you to access the University's internal IT services, which are inaccessible to external users for security reasons.

After connecting your device to the internet, you can start the VPN client, and after logging in, you will have an encrypted connection to the University network.

Target group

  • University members (with Uni ID or project number)

Use

  • Secure, encrypted connection even on the go (such as when using unencrypted Wi-Fi hotspots)
  • Access to internal University services while traveling or working from home

Access and requirements

The University Computing Centre supports the VPN client Cisco AnyConnect, which students, doctoral candidates and employees can download for free. A Uni ID or University project number is required to log in.

After downloading and installing AnyConnect, enter the following VPN server address in the client:

vpn-ac.uni-heidelberg.de

and click "Connect". Then, log in with your Uni ID or project number as requested. If you are experiencing problems, you can find further information in the How-to for installing AnyConnect.

Frequently Asked Questions

Table filters

Table

QuestionAnswer
QuestionAnswer
Should I always use the VPN when I am working outside of the University network?

To free up potential VPN bandwidth, IT services that are accessible without the VPN should be used without it.

The majority of IT Services, e.g. those that are used for collaboration and digital teaching (Moodle, heiCONF, heiCHAT, ...) can be accessed from any location and can be used without a VPN. Especially for video conferencing or video streaming, it is advisable to forego using a VPN connection to ensure better connection quality as these services are sensitive to bandwidth fluctuations. Many of the IT services offered by the URZ are already encrypted for communication with the communication protocol https, and therefore access already meets the usual security standards.

Only data to and from the University should sent via the VPN; everything else should use my own internet connection. How do I set this up?

This configuration is called "split tunneling". You can set it up yourself by entering an extended username: Use the following username

<Uni-ID>@split.uni-heidelberg.de 

and your usual password.

The automatic installation on the vpn-ac website is not working. What can I do?

In principle, it is also possible to manually download the AnyConnect client. However, the installation files are currently unavailable for technical reasons. We are working on an alternative.

How do I access a network computer on the local network?

When you have an active VPN connection, all data is transferred through an encrypted connection to the URZ. If you wish to, for example. access a network computer on the local network, activate the option “Allow local (LAN) access when using VPN (if configured)” in the AnyConnect Advanced Window (gear icon on the bottom right).

I would like to remotely access my office computer from home. How do I set this up?

Please discuss this with your supervisor and your local network or IT representative.

Essentially, a remote service (RDP, VNC, SSH) must be activated for a suitable port on your office computer, and the local firewall must be accordingly configured. The power settings must be configured in such a way that the computer will not shut down or go into sleep mode. All updates and protections should be up-to-date on the computer; all passwords of permitted users should be strong, e.g. meeting the URZ password guidelines is sufficient. Note the name or IP address of your computer, the port on which the remote service is active and the username and password used to access your office computer.

At home, first start the VPN and then the client software that you will use to access the computer.

A detailed how-to for using Windows/RDP is in the works and will be linked here when complete.

Directly after logging in, multiple new connections are reported. Why does this happen?

For technical optimization, up to three connections are established, and the system sometimes switches back and forth between these connections. This is usually due to peculiarities of the route from your location to the server in the URZ. When this issue does not subside after a minute and keeps happening, please inform the IT Service.

I am experiencing frequent disconnections. Is there anything I can do to improve this?

Using the gear icon in the VPN client, activate the option “Enable automatic VPN reconnect.” If you are experiencing problems persisting past the first minute after logging in, please inform the IT Service.

I have a much better connection bandwidth without the VPN. Is the VPN server overloaded?The VPN server provides all users with a fixed bandwidth, which is sufficient for even more data-intensive purposes such as video conferences according to our tests. The number of users and the connection load is currently (as of 25 Mar 2020) far below the possible limit.
I want to have a video conference, but the audio/video quality isn't very good. Is this due to the VPN?For video calls and video conferences (as well as all other IT services that can be accessed without a VPN connection) it is recommended to deactivate the VPN connection to free up VPN bandwidth.
Is there a VPN client for 32-bit versions of Linux?Cisco discontinued support for the AnyConnect Client for 32-bit Linux in 2016. As an alternative, please use the free client openconnect included in the package sources of your operating system.
How do I set up access to local devices, such as a printer?

If you want to access a network printer or another device on LAN (local network directly connected to your computer), you can set this up in the VPN client by selected “Advanced Window” (gear icon)... > Preferences > check “Allow local (LAN) access when using VPN (if configured)”