Connecting to the SRE - instructions for Windows users

Connecting to the SRE is a two-step process. First you need to connect to the VPN, then you are able to connect to the SRE.

Remote Desktop Connection only allows one connection at a time to the SRE Windows machine. Fortunately disconnecting does not logout or otherwise interrupt the work. The next time the first user reconnects, they will find all their applications have continued running uninterrupted (see also: Logging out of the SRE).

Connect to the VPN using AnyConnect

Step 1

Double click on the desktop Cisco VPN icon, or search for "anyconnect' in the start menu.

Note that the old version 2 "Cisco Anyconnect VPN Client" has a green dumbbell icon while the current version 3 "Cisco AnyConnect Secure Mobility" has a white circle icon with 2 green arcs.

Under Windows 10, the search box is still in the lower left corner, now called “Cortana”.

Step 2

Make sure that the server name to the left of [Connect] is: access.popdata.bc.ca

Step 3

The first time you connect, you could click on the gear icon in the lower left corner of the AnyConnect box, and uncheck the option “Minimize AnyConnect on VPN connect”, then close the preferences box.

Step 4

Click [Connect]; a login box pops up. 

Insert your YubiKey into a USB slot on your computer (you may use a USB extension cable).   Select group “sreyubi”; enter your short username (without the project number suffix);  for Passcode, begin by typing in your PopData password (the one that works on https://my.popdata.bc.ca) but DO NOT click OK or press Enter. Instead briefly touch the round copper metal button on the YubiKey. You should then be connected to the VPN.

See also YubiKey troubleshooting at: SRE/2factorID.html

 

Step 5

If you did not change the preference item “minimize” above, the VPN window disappears when you are successfully connected. There will be a little lock icon in the bottom notification area on the taskbar, in the lower right corner.

Connect through VPN to the SRE using the Remote Desktop

Step 1

Check available SRE server numbers. Currently available servers are listed at: https://my.popdata.bc.ca/sre/available 

Step 2

Start ‘Remote Desktop’.
If you do not already have a shortcut on your desktop, the remote desktop is located under either:

  • Start -> All Programs -> Accessories -> Communications -> Remote Desktop Connection       or
  • Start -> All Programs -> Accessories -> Remote Desktop Connection

Step 3

Enter the name of one of the SRE servers (sre1, sre2,etc.).

If a message appears about "can't find computer" , your system may be one of those that prefers the long "fully-qualified" name for the remote computer: append ".popdata.bc.ca" (ex: sre5.popdata.bc.ca).

Step 4

Login to selected SRE server with your project-specific username and password. For example, if username is gwashington and your research project is 99-001, the username will need to be entered as popdata\gwashington-99-001.

Initially RDC offers its best guess for credentials (based on your local workstation), and usually decorates that guess with a orange daisy icon.  For most people this guess will be wrong, and you need to click on “Use another account” to make the text entry boxes “User name” and “password” available. 

A fully-qualified Windows username starts with prefix domain “POPDATA” followed by backslash “\” followed by your project-specific username.

Upon connecting, after entering your password, a complaint may pop up "The identity of the remote computer cannot be verified" ; please click "Yes" to bypass this message. While the PopData VPN is connected, there is minimal risk of connecting to a bad machine in the Secure Research Environment, so you can ignore this warning.

Logging out

When you are done, make sure you LOG OFF.

Failure to log off (for example just closing the RDC window) blocks other researchers from accessing this SRE machine.

Under Windows 10, the logout (Sign out) menu can be found next to the Cortana search box, its icon is a head-and-shoulders figure (an “o” above an inverted “U”).

Disconnecting from VPN after disconnecting from SRE Remote Desktop

You may prefer to disconnect "Cisco AnyConnect" whenever you stop your connection to the SRE. Click on AnyConnect icon or status window; click disconnect.

The PopData VPN connection does not interfere with your access to other parts of the Internet, including local computers around you, with two exceptions: DNS name resolution service is redirected to the PopData name-server (so connections to short names like "srtl4" go to "srtl4.popdata.bc.ca"), and connections from your computer to private PopData networks (under 10.50.*.*and 10.80.*.*) are routed through VPN server “access.popdata.bc.ca”. There is a small chance that these two features may interfere with your access to other computers near you while VPN is connected.

If there is a network interruption (for example due to a weak WiFi signal, or your computer going to sleep), the Remote Desktop session may go into a confused state and refuse to let you reconnect for up to an hour. you can email sre@popdata.bc.ca and ask us to terminate the session, or to make the machine accept re-connections.

If you anticipate that your computer might go to sleep, it may worth disconnecting your Remote Desktop session and reconnecting later.