Important

The MPCDF is transitioning to a new VPN service, EduVPN. The existing VPN service via the Cisco VPN (Cisco AnyConnect) will be decommissioned in the third quarter of 2025. Please migrate to EduVPN soon to avoid any disruption.

Virtual Private Network (VPN)

A Virtual Private Network (VPN) enables secure remote access to networks of the MPCDF. By establishing an encrypted connection over the public internet, the VPN assigns the remote user a MPCDF related IP address, extending the MPCDF network.

EduVPN

eduvpn.mpcdf.mpg.de

After logging in incl. MFA, the app can be downloaded and installed.

Accessing the EduVPN-server for the first time:
When accessing the EduVPN for the first time, the full server name eduvpn.mpcdf.mpg.de must be entered in the app’s search bar and the displayed server name can be selected under “other servers”.
Searching for MPCDF using the search bar and logging via forwarded MPCDF profile is not supported.

Logout, if necessary:
Some versions of the eduroam app may not currently have a logout button available.
To log out, please go to the website of eduvpn.mpcdf.mpg.de and revoke the corresponding profile under Account.

Cisco VPN Server

Please note that this VPN service will be decommissioned in the third quarter of 2025. Please migrate to EduVPN soon to avoid any disruption.

vpn.mpcdf.mpg.de

Connection Profile (Group)

The following groups can currently be selected: AllUsers and AllUsers-FullTunnel.

All groups require authentication with a second, one time password (OTP) for increased security and is currently required for users of MPCDF. More information about 2FA and how to set it up for your account is available here.

A split tunnel is set up by default by selecting the group AllUsers. This means that only traffic to the Garching MPG campus (130.183.X.X) is sent through the tunnel, while all other traffic is sent via your local router.

In order to create a full tunnel, with which the entire traffic goes via the Garching MPG campus (130.183.X.X), users can choose the group AllUsers-FullTunnel.

Please note that the users are automatically assigned to their respective groups by the VPN server in the background.

Desktop and Notebook (Windows, Mac OS X, Linux)

To set up the VPN on your computer, just point your browser to https://vpn.mpcdf.mpg.de

Once logged in, the client for your operating system will be available for download together with futher instructions and screenshots. On the first connection, enter vpn.mpcdf.mpg.de as the server.

Linux Clients

The Cisco AnyConnect client will generally work well under most Linux distributions. After the client has been installed, you should be able to find it in your Applications menu. Alternatively, you can also start it on the command line:

/opt/cisco/anyconnect/bin/vpn connect vpn.mpcdf.mpg.de
```	

Futher documentation for Linux is available
[here](vpn-anyconnect-linux.md).

The command line tool and open source software **OpenConnect** is also supported by Cisco for establishing VPN under Linux.

```sh
sudo openconnect vpn.mpcdf.mpg.de

The desired profiles can then be selected.

Mobile Devices (Android and iOS)

You can install the Cisco AnyConnect client direcly from the app stores.

  • Android: Open the App Store and search for Cisco Anyconnect (direct link:

https://play.google.com/store/apps/details?id=com.cisco.anyconnect.vpn.android.avf)

  • iOS: Open the App Store and search for Cisco Anyconnect

  • Enter vpn.mpcdf.mpg.de as the server