Cisco VPN and Remote Desktop

Configure VPN and use Remote Desktop

How to use Remote Desktop from home to your office computer
Part 1 – Connect to internet
Step 1 – make sure you are online (Connect to internet/WiFi) open www.tamu.edu to verify. 

Part 2 – Install VPN Client
Step 1 – Install VPN client (If you already have this skip to Part 3). 
Go to http://connect.tamu.edu and log in. 

Change Group to “Tunnel_TAMU_Traffic”
NetID:  Enter your NetID
Password:  Enter your NetID Password and click Login. 
Approve the DUO request on your phone if necessary. 

Step 2 – Click “Download for Windows”

Step 3 – Save the file. 

Step 4 – Open “anyconnect-win-4.8.01090” download and double click the file.

Step 5 – Click “Run” to install it.   

Step 6 – Click Next – Accept Agreement – Next – Install.  Click Yes on any pop up install boxes. Click Finish.  It may ask you to reboot to finish installation – reboot if necessary. 

Part 3 – Connect to TAMU Network from off campus
Step 1 – Click the start windows and type “Cisco” or browse to the Cisco program and open it. 

Or you can browse to it like below:

Step 2 – In the box that pops up

enter “connect.tamu.edu” into the space and click connect. 

Step 3 – in the next box that pops up enter your NetID credentials and click OK. 

You should see the Closed Padlock with Cisco Anyconnect showing successful connection. 

You can also verify by looking at the Cisco program in the bottom right task view applications area.

Part 4 – Connect to your office computer using Remote Desktop.
If you already have a remote desktop icon that I gave you then double click that and login just as if you were sitting at your desk in your office. 
If not follow steps below to create your connection. 
Step 1 – Click the start menu – scroll to Windows Accessories – remote desktop connection. 

Additionally – you can also click start and then type “remote desktop” and open the “remote desktop connection” program that shows up.

Step 2 – in the Remote Desktop Connection Box – enter your office computer IP Address and then click Connect.  This set of numbers should have been emailed to you. 

Step 3 – In the Windows security box that pops up – login with your NetID and Password. If you don’t have a “username” box to enter in your NetID then click “more choices”

Step 4 – Click “use a different account”

Step 5 – In username box use  auth\YourNetID and your NetID password and click ok. 

Step 6 – In the Identity box that pops up – put a check mark in the box for “Don’t ask me again for connections to this computer”

All done – your office computer screen is locked and private while you are working remotely.  When you are done working for the day/evening just click the “x” to close it out and you can resume your session again at any time. 

Domain Client using Local CMOS clock

Domain client time off from domain controller time:
ISSUE: Some of my Windows 10 machines in AD domain were off by a few minutes. After running w32tm /query /status
I found that the source was set to local CMOS clock on the domain client machine. I tried the standard fix to update client to domain:
w32tm /config /syncfromflags:domhier /update
net stop w32time net start w32time
But that didn’t work and neither did any of the other suggestions I tried.

After running DCDIAG on my Domain Controller I noticed that it stated that it was not advertising as a time source. Upon further investigation, I found that my Domain Controller VM had the setting to use time integration services with the Hyper-V Host. Once I changed that setting – I reset the NTP settings on the domain controller holding the PDC role with the following settings: w32tm /config /manualpeerlist:time2.google.com /syncfromflags:manual /reliable:yes /update
Then run: net stop w32time and net start w32time

I ran DCDIAG again on my DC and it now shows that it passed test advertising. You can wait a while and the domain clients should start using the Domain controller for time once they check back in or if you can’t wait then you can remote desktop to your domain client(s) and run:
w32tm /config /syncfromflags:domhier /update net stop w32time and then
net start w32time Verify time settings on your client using: w32tm /query /status w32tm /query /configuration

A device attached to the system is not functioning

While copying photos from my iPhone to my Windows computer using File Explorer I received the error “A device attached to the system is not functioning” and then the copy fails.  I Googled and tried the top 3 fixes suggested which were
1. Use a different USB port on my computer.
2. Use a different iPhone cable.   
3. Try the copy on a different computer. 
All of which gave the same error as before.  The solution for me was on my iPhone go to Settings – Photos – scroll to the bottom and find
TRANSFER TO MAC OR PC – change from Automatic to Keep Originals. 
After making that change I was able to copy all my photos over to my computer.  



Selective Authentication – protected by authentication firewall

The computer you are signing into is protected by an authentication firewallThe specified account is not allowed to authenticate to the computer. 
1. Login to local domain controller where the resource (workstation) resides.  Open AD Users and computers – switch to Advanced Features view.
Find the workstation you are trying to login to – right click – properties – security tab. 
2. Under group or Usernames – click Add. 
3. Select Locations – select domain that contains the user account trying to login. 
4. Enter username – click OK – authenticate with account that has access. 
5. Select user – then in permissions for user select “allow” for allowed to authenticate.  Finished!