What We Do
The bSecure Remote Access VPN (Virtual Private Network) service allows CalNet ID–authenticated users to securely access the UC Berkeley network from outside campus and encrypts the information sent through the network. There are three tunnels:
- Split Tunnel is the default and is used to allow users to access on-campus resources. When using the split tunnel option, any traffic meant for destinations on campus will go through the GlobalProtect client and VPN tunnel. However, traffic meant for other sites like Google will not use the VPN tunnel.
- Full Tunnel (listed as “Library Access and Full Tunnel”) directs all traffic, regardless of the destination, through the GlobalProtect client and VPN tunnel. All client traffic is routed through the campus network with an IP address associated with the campus. This is most commonly used if you are accessing a resource that is licensed for UC Berkeley, such as journals licensed through the library only for campus users.
- Restricted Tunnel is a service that is limited to people that access sensitive systems and data. It has increased monitoring, and utilizes many of the advanced security features of the Palo Alto Networks firewalls.
The bSecure VPN service is a collaboration between Network Operations and the Information Security Office.
Why We Do It
Campus users who work remotely need a way to access UC Berkeley resources that are available only within the campus network. In addition, campus users may require a more secure connection as this service provides protections from eavesdropping by other devices at the user’s location.
Who Benefits
Campus members who need remote access to UC Berkeley resources.
How to Get Started
Self-Service for Managed Desktops
If your computer has the managed Berkeley Desktop for Windows or macOS, you can install the "GlobalProtect VPN" from Big Fix (for Windows) or the Self Service application (for macOS) on your computer.
Software Download from vpn.berkeley.edu
If you have admin access to your computer, you can download and install the software yourself: Download GlobalProtect Software(link is external). If you use a screen reader you may want to use this alternative portal.(link is external) If you're not sure, contact your department's IT support for help.
Installation Instructions:
- Mac OSX(link is external)
- Windows(link is external)
- iOS(link is external)
- Android(link is external)
- ChromeOS users should install the Android client
- Linux(link is external) - The GlobalProtect UI client is available in a Google Drive Share(link is external), (login with @berkeley.edu account). Documentation with detailed information is located in a README document within the folder. Installation instructions can be found on the Palo Alto Networks Tech Docs site(link is external).
Note: If the GlobalProtect icon is not visible you can open a dialog window using the "globalprotect launch-ui" command in a shell/terminal window in v5.1.1 or newer.
If you need support please email ITCS at: itcsshelp@berkeley.edu(link sends e-mail)
FAQ
Search FAQ’s in Service Now.(link is external)
Service Details and Additional Information
Supported Platforms(link is external)
Address Ranges(link is external)
Support
Contact IT Client Services
https://berkeley.service-now.com/ess/(link is external)
510-664-9000, option 1