AnyConnect for MacOS
Preliminary note
Troubleshooting help can be found below.
Note General
Some restricted services of the University or the State and University Library can only be used when you are on campus, so that the device you use has an address from the area assigned to the University.
To access these services from home or on the road, you must install a so-called VPN client software (AnyConnect or OpenConnect) on your device once and establish a connection to the campus with the VPN client before each access to the restricted services. This means that you are "virtually" on campus and can use the services you are used to.
Please note the different types of tunnels and make sure you choose the correct tunnel.
Initial Setup - Step 1
Make sure that your device is connected to the Internet (or the WiFi with the identifier "Uni-Bremen", if you are on the campus of the university). Open the website https://vpn.uni-bremen.de, log in with your university account and then download the installation file for AnyConnect.
Then open the downloaded archive and open the.pkg file contained in it.
Initial Setup - Step 2
Then click "Continue" on the first dialog page.
After that, read and accept the license terms. If you do not agree with the terms and conditions, you will not be able to use the VPN service.
Initial Setup - Step 3
You now have the opportunity to specify the installation location. Usually the default installation location ("Macintosh HD") is already preselected. If you want to install the software here as well, click on "Install" now.
Note: AnyConnect was already installed on our system, so the selection screen will look slightly different for you.
Initial Setup - Step 4
During the installation, you will be informed that AnyConnect has been blocked for the time being and that you have to unblock this on your own. Now click on the blue highlighted button "Open the settings".
You should now be in the "Privacy & Security" menu item. Scroll down until you come across the text "Loading the system software of the 'Cisco AnyConnect Socker Filter' program has been blocked" under the "Security" point. Now click on "Allow."
Finally, you still need to confirm the popup "May 'Cisco AnyConnect Socket Filter' filter network content" by clicking "Allow". Now AnyConnect should work without further ado. If the first window with the text "Attention" did not close by itself, you can do that now.
Important! The Cisco AnyConnect Socket Filter component often generates high CPU usage. However, if you block the system extension from being allowed during installation, AnyConnect will not work completely. We therefore strongly recommend that you install the extension first, but then remove it from the Applications folder later. The permission to filter network content granted at the beginning is also revoked by the deletion.
Initial Setup - Step 5
Start the "Cisco AnyConnect Secure Mobility Client", e.g. via the Launchpad.
Do NOT start the Cisco AnyConnect Socket Filter. This is only a background service.
Initial Setup - Step 6
Open the "Cisco AnyConnect Secure Mobility Client" menu by clicking on the gear icon at the bottom left and then click on "Preferences".
Place a check mark next to "Allow local (LAN) access when using VPN (if configured)". This will allow you to still access resources on your local network (printers or file shares, for example) even when the VPN connection is enabled. Close the window afterwards.
Connect - Step 1
Start the "Cisco AnyConnect Secure Mobility Client", e.g. via the Launchpad.
Do NOT start the Cisco AnyConnect Socket Filter. This is only a background service.
Connect - Step 2
Enter "vpn.uni-bremen.de" in the textfield before the "Connect" button, if it is not already filled in. To connect, simply click on "Connect".
Connect - Step 3
Enter the access data for your university account in form of username and password. The access data cannot be saved and must be entered again for each connection.
Finally select the correct tunnel type under "Group" and confirm with "Connect" The program should now establish the connection.
Disconnect connection
If you no longer need the connection, click on the AnyConnect icon in the panel and select "Disconnect".
Troubleshooting
I can't download the installation file and get the message "Forbidden" instead.
- Not all university users can access the VPN service. In particular, alumni are excluded from use.
- If you are a regular member of the university (e. g. a regular student or employee) or SuUB staff member, please contact the Account Manager to have your account assignments checked.
During installation, the error message "The vpn client agent was unable to create the interprocess communication depot." appears
- This error message is triggered by an activated Internet connection sharing. Deactivate the network adapter's share in the adapter settings and try the installation again.
I have successfully established a VPN connection, but can't use the library services?
- If you want to use services that are enabled for the network area of the University of Bremen but are not "hosted" in the network area of the university (publishers are an example here), then you have to change the group from "Tunnel-Uni-Bremen" to "Tunnel-all-Traffic" when setting up a connection. For a detailed explanation please read the page VPN-Tunnelarten.
- ATTENTION: With this option, all traffic is now routed through the tunnel. Please leave the tunnel activated with this option only as long as it is needed for working.