Embed Size (px)
Citation preview
Remote Access Instructions
This document is an instructional guide to securely connect to the “HighTower Cloud” which includes all enterprise applications consisting of (P&L) Reporting, Bonaire, BMS, and more to come.
In order to provide secure access from PCs, laptops, and tablets to your data and sensitive applications, a private tunnel is created back to HighTower’s network through two applications:
Cisco AnyConnect (on your machine, ie PC/laptop/tablet from where you will view data)o Creates the private tunnel back to the networko Validates your login is authorizedo This is a VPN connection software
Duo Mobile (on your phone to generate code or prompt for approval. Similar to RSA Token)o Generates an authorized passcode to access HT’s networko Or informs you of a connection request and prompts for an approvalo This is a dual factor authentication mechanism
Version 1.5.02014
Table of ContentsFirst Time Setup: Registering Your Devices.............................................................3
On your remote Windows PC/Laptop:.................................................................8On your Apple OSX:.............................................................................................9
Connecting from a Tablet (off of the Network).....................................................10Configure Your Remote PC/Laptop Remotely.......................................................13Using Duo Mobile App to Generate "One Time Password"..................................14
Re-Connecting from Registered Machine................................................................15Laptop or PC.........................................................................................................15Tablet.................................................................................................................... 15
_____________________________________________________________________________________
First Time Setup: Registering Your Devices
Microsoft Windows System Requirements: Internet Explorer 8 or higher with java plug-in.
Apple OSX System Requirements Firefox browser with java plug-in.
Step 1: Open web browser and navigate to https://vpn.hightoweradvisors.com
Step 2: Enter your HT login credentials as "jsmith" and password. 2nd Username is "jsmith" as well.
NOTE: If this is your first login to HighTower SSL VPN - you will be required to enroll your mobile device(s) with Duo Security for dual factor authentication.
Step 3: Welcome Screen - Click "Start Setup" to get started.
3 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Step 4: Choose Your Authenticator - We recommend using a smartphone.
Step 5: Select the operating system of your phone and click "Continue"
Step 6: Type Your Phone Number - Select your country and type your phone number. Use the number of your smartphone, landline, or cell phone that you'll have with you when you're logging in. You can enter an extension if you chose "Landline" in the previous step.
Double-check that you entered it correctly, check the box, and click "Continue"
4 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Step 7: Launch the Apple Store app on your iPhone or Google Play Store app on your Android device or BlackBerry World market on your BlackBerry and search for "Duo Mobile" app, then tap "install"
Apple IOS App Installation Android OS App Installation
Step 8: Once the Duo application is installed on your phone, open it and tap "Add Account". Click "Scan Barcode", which will allow you to scan the square barcode displayed on YOUR COMPUTER SCREEN.
5 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Step 9: Once you've successfully scanned the barcode on your computer screen using your mobile device, you will see an enrollment notification on your computer screen.
If you wish to enroll a tablet device or a landline as an authenticator, you may click on "Enroll another device." If you have no other enrollments, you may click on "I'm done enrolling devices" and proceed to complete your login into HighTower systems.
Step 10: Upon successful enrollment, you will be presented with the second factor authentication screen as seen below. You may select Duo Push method, which will push a prompt notification to your smartphone with option to accept or reject the login. The phone call method will call your selected authenticator phone number and ask you to press any key to authenticate. You may also generate a passcode using your Duo mobile app or request an SMS text message with a valid passcode.
6 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Step 11: Click "Log in" button to complete your authentication process.
Step 12: Your registered mobile device will receive a notification, clicking the Approve button on the will automatically advance your computer’s browser webpage forward, allowing you VPN access to the HighTower Network.
This completes the dual-factor authentication process on your phone.
7 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Once you click approve, you will begin your remote PC/laptop setup.
On your remote Windows PC/Laptop: Upon initial successful login - the VPN appliance will attempt to automatically install VPN client software to the computer. You may be prompted to "Allow" add-ons to run on your browser.
In the event auto install is not successful you will be asked to install the client manually by clicking on "Windows 7/Vista/64/XP" download link.
Click run to begin installation of AnyConnect client and accept all defaults to complete installation
8 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
On your Apple OSX:Upon initial successful login - the VPN appliance will attempt to automatically install VPN client software to your computer. In the event auto install is not successful you will be prompted to install the client manually by clicking on Mac OSX 10.6+ (Intel) download link.
If prompted, select open with "DiskImageMounter" and click OK to begin download.
Once download is complete, double click vpn.pkg to install AnyConnect client.
Accept all defaults during this installation.
Once you have the AnyConnect client installed, you can find it in the list of applications in the "Cisco" folder. You should drag the launch icon to your dock for quick launch. Use this application for future connections.
9 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Connecting from a Tablet (off of the Network)1. Download Cisco AnyConnect from the App Store on your tablet.
1. Once downloaded, open Cisco AnyConnect app2. Click OK on the prompt to enable software
3. Toggle the AnyConnect VPN button to ON
10 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
4. Type the following for the below fields:Description: HighTowerServer Address: vpn.hightoweradvisors.comClick Save
5. Note HighTower is selected. Toggle AnyConnect VPN to ON
6. The next screen will require entry of your credentials. Screenshots reference phone and tablet.
11 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
7. At this point, you will be automatically connected once you have approved the connection from your phone. You can validate by opening the AnyConnect app again and note Status = Connected.
8. You may access the P&L reports. Either click on this link or type – http://htreporting.htna.lcl:8000
12 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Configure Your Remote PC/Laptop Remotely
Step 1: Launch Cisco AnyConnect Secure Mobility Client directly. It will be in All Programs (Windows) Applications (Mac)
Please consider making these shortcuts on your PC/laptop
Step 2: Fill out connection field: vpn.hightoweradvisors.com and click Connect
Step 3: Ensure selected Group is "HIGHTOWER"Step 4: Fill in login details with your Active Directory username and passwordStep 5: Fill in second factor security credentials with your Active Directory username and six digit code generated on your enrolled mobile device. Alternatively you may simply type "push" in the Second Password field to receive a prompt on your mobile device with option to Accept or Reject authentication.
Step 6: Once you are connected, a confirmation window will display in the right corner of your screen.
13 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Using Duo Mobile App to Generate "One Time Password"
Step 1: Open Duo Mobile app on your mobile device
Step 2: Tap the key icon highlighted in red to generate your one time use password
>>
Step 3: Use generated six digit code as your second factor authenticator in AnyConnect VPN client prompt in the field "Second Password". This will allow you to then connect to the HighTower applications on your PC.
14 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
Re-Connecting from Registered Machine
Laptop or PC1. Navigate directly to the installed application “Cisco AnyConnect”2. Launch the application3. Click Connect
Use your phone to generate passcode or approve push notification on Duo Mobile.
4. Once connected, the logo will have a lock on it. Navigate to http://htreporting.htna.lcl:8000for your P&L report
Tablet1. Open Cisco AnyConnect app2. Toggle the AnyConnect VPN button to ON
Note: HighTower is selected.
15 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
3. The next screen will require entry of your credentials. Screenshots reference phone and tablet.
4. At this point, you will be automatically connected once you have approved the connection from your phone. You can validate by opening the AnyConnect app again and note Status = Connected.
5. You may access the P&L reports. Either click on this link or type – http://htreporting.htna.lcl:8000
16 Help Desk Support: Extension 9999 on any HighTower Cisco phone OR 312-324-3490.
