Notice! Confluence will be unavailable on Thursday, 12/14 from 4 AM EST - 8 AM EST for server maintenance.

Search the Knowledgebase


Software and Services Index


Return to HomePage


HITS Feedback Survey


How can we help?

Submit a help ticket
734-936-8000
Help Me Now walk-up locations

For urgent issues and immediate concerns, please contact the HITS Service Desk at 734-936-8000. We're available 24 hours a day, 7 days a week.

Skip to end of metadata
Go to start of metadata


Access to Michigan Medicine protected resources is limited to users who have a Level-2 or an "active Michigan Medicine VPN account" and are enrolled in Duo Two-Factor Security.

You will be unable to connect to the VPN unless you have set up your Duo Two-Factor Security.


A VPN (Virtual Private Network) client provides a secure computing experience when accessing a University of Michigan (U-M) resource from a remote location. The VPN clients provided by the university allow authentication by all U-M students, faculty, and staff who have a valid U-M uniqname and Level-1 (UMICH) password.

The Michigan Medicine network has its own VPN server that specifically controls access to Michigan Medicine protected resources. Access to these protected resources is not available to users with only Level-1 accounts. Remote/offsite VPN access to the health system network is limited to users who also have either a Level-2 account or an "active Michigan Medicine VPN account" and are enrolled in Duo Two-Factor Security.

A "Michigan Medicine VPN account" is not a Level-2 account and does not give access to other health system resources such as Outlook Exchange, CoreImage workstations, and NAS file share systems.

The university VPN uses Level-1 credentials and Duo Two-Factor Security for authentication.



VPN Topics

A single VPN solution is available to non-CoreImage devices for Michigan Medicine staff: the Cisco AnyConnect Secure Mobility Client client. Faculty and staff are encouraged to use the AnyConnect client and Level-1 (Kerberos) credentials with Duo Two-Factor Security to access all health system internal resources when off-site.

This change currently applies only to non-CoreImage machines.

Michigan Medicine VPN Client Information

The health system offers two different options for connecting from a remote location: the full Cisco AnyConnect client and the Clientless VPN (Level-1 Page). These options provide two different methods for accessing health system resources remotely, so individuals do NOT need to perform steps for both methods in order to connect.

The main difference between the two options is the Clientless VPN only provides access to a small subset of applications, while the AnyConnect VPN client provides full access to Michigan Medicine resources.

 

AnyConnect VPN Client

Clientless VPN

High-speed Internet Connectivity Required

x

x

Duo Two-Factor Security Required

x

x

Full access to Michigan Medicine network

x

 

Mobile Device Compatible

x

 

Citrix installation required for MiChart access

x

x

Cisco AnyConnect Secure Mobility Client

Only the Cisco AnyConnect client is approved and supported by HITS for use in conjunction with clinical applications and the delivery of patient care. The AnyConnect client allows the user to access all health system internal resources.

Michigan Medicine staff are strongly encouraged to use the Cisco AnyConnect Secure Mobility Client client with iOS devices (iPad, iPhone, iPod Touch).

Cisco AnyConnect Instructions

Mobile Devices

Clientless VPN

The Cisco Clientless VPN is an online authentication mechanism to access a small subset of web-based clinical applications (though not including MLearning) and also provide access to some resources from the Macintosh platform.
https://vpn.med.umich.edu/level1

After authenticating with a uniqname and Level-1 (UMICH) password and Duo Two-Factor Security, a list of available applications will appear. Note that not all applications will function properly when accessed via this method. Some have additional special instructions for Mac access.


MLearning Access


Other VPN Clients

VPN Access to CCMB Network

Those who need access to the CCMB Clusters or Network use a different VPN than the usual UMHS VPN. Click the above link for more information.

VPN Access to va.gov

Staff members working in conjunction with the Veterans Affairs hospital (the VA) are required to access the VA systems securely in order to modify patient data. In order to establish a secure connection, the staff members must use the government's official VPN Server at va.gov site using the Rescue VPN client.



  • No labels