CS-VPN Setup

Allows you to access Cedars HPC from anywhere

Initial Installation

1. Request for a VPN access on Cedars EIS here: https://csmc.service-now.com/cssp?id=sc_cat_item&sys_id=c46fdabb4f44e20041bce8128110c7bd

2. Download a VPN client for your OS. For example, Cisco Anyconnect for MacOS and Linux. Ask Frank if you don't know what/where to download.

3. The URL for CS VPN service is `csremote.csmc.edu`. Put this in the URL textbox of Cisco and hit Connect, you should be good to go. More detailed instructions can also be found here: https://csmc.service-now.com/cssp?id=kb_article_view&sys_kb_id=6d317832db0e91d0fa00cafc13961933

Update Dec 2022

A new update of Cisco Anyconnect VPN client in Dec 2022 will check the device compliance and break Cedars-Sinai VPN connection. If you find opening web pages extremely slow after VPN connection, here is how to fix it:

a) Fully uninstall the upgraded version of Cisco Anyconnect client. On MacOS, just dragging Cisco from Applications to Trash Bin is not sufficient. You need to use Terminal with the following commands:

cd /opt/cisco/anyconnect/bin
sudo sh vpn_uninstall.sh
# find all .sh files ending with "uninstall" and run it to completely remove Anyconnect
sudo sh *uninstall.sh

The new Anyconnect version has installed several additional components, so make sure you run every *_uninstall.sh file you found under that folder; otherwise, you can't install an older version of Anyconnect client even if a partial newer installation is found.

See Also: Reference

b) Edit the file AnyConnectLocalPolicy.xml to disable auto-update of VPN client. Follow instructions here:

cd /opt/cisco/anyconnect
sudo vi AnyConnectLocalPolicy.xml

Change this boolean fields in this file to shut down auto-update:

<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectLocalPolicy xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectLocalPolicy.xsd" acversion="4.6.00362">
<BypassDownloader>true</BypassDownloader>
<ExcludeFirefoxNSSCertStore>true</ExcludeFirefoxNSSCertStore>
<ExcludeMacNativeCertStore>false</ExcludeMacNativeCertStore>
<ExcludePemFileCertStore>false</ExcludePemFileCertStore>
<ExcludeWinNativeCertStore>false</ExcludeWinNativeCertStore>
<FipsMode>false</FipsMode>
<RestrictPreferenceCaching>false</RestrictPreferenceCaching>
<RestrictTunnelProtocols>false</RestrictTunnelProtocols>
<RestrictWebLaunch>false</RestrictWebLaunch>
<StrictCertificateTrust>false</StrictCertificateTrust>
<UpdatePolicy>
<AllowComplianceModuleUpdatesFromAnyServer>false</AllowComplianceModuleUpdatesFromAnyServer>
<AllowISEProfileUpdatesFromAnyServer>false</AllowISEProfileUpdatesFromAnyServer>
<AllowServiceProfileUpdatesFromAnyServer>false</AllowServiceProfileUpdatesFromAnyServer>
<AllowSoftwareUpdatesFromAnyServer>false</AllowSoftwareUpdatesFromAnyServer>
<AllowVPNProfileUpdatesFromAnyServer>false</AllowVPNProfileUpdatesFromAnyServer></UpdatePolicy>

See Also: Reference

c) Install the original VPN client again. Follow Step 2 in the instruction of Initial Installtion above.

What's next?

• Connect to Cedars HPC

• Access research papers by CS institutional subscription