Skip to main content
Next-Gen. Now.
The Campaign for Concordia
Concordia University
fr
Concordia University

IT Services

IT Services

Multi-factor authentication with Concordia's VPN

All VPN users must upgrade to the latest tested and approved version of FortiClient and enable multi-factor authentication due to security vulnerabilities with earlier versions of the software. 

Please note that users with desktops on campus do not need to perform any action

What you'll find on this page

Overview How to ensure your computer is protected Upgrading Support FAQ

Overview

Concordia was recently alerted by the Government of Quebec that older versions of FortiClient, Concordia’s Virtual Private Network (VPN) software, have a critical vulnerability that puts users at risk of cyber-attacks.  

In an effort to strengthen the security of your VPN connection, Concordia is also asking all VPN users to enable multi-factor authentication (MFA) in their software.

A two-factor authentication process at sign-in significantly increases your account security. Enabling MFA provides greater protection for your sensitive information such as research data, personal information, and more.

How to ensure your computer is protected

Concordia owned devices

If you are using a Concordia-owned device, please book a security health check as soon as possible. An IT service technician will assist you in upgrading your software and/or enabling MFA. This check will also allow a technician to update and secure your computer while you are on campus, which has been difficult throughout the pandemic. 

You can schedule an appointment in your office or bring your computer to your preferred IT Service Center. Unfortunately, remote assistance will not be possible because of the work required on the VPN. The process will take approximately 30 minutes on average depending on your operating system and the version of FortiClient you are using. 

Personal computers 

If you are using a personal device, you need to uninstall your current version of FortiClient before reinstalling the latest version If you are a faculty or staff member, please ensure you enable MFA during the reinstallation/ configuration process. For detailed instructions, please see below. 

NOTE: For students, please do not enable multi-factor authentication (MFA) on your VPN unless you’ve enabled MFA on your Concordia account, doing so may lead to you being locked out of VPN.  

Desktops on campus 

No action is required.

Upgrading to FortiClient 

If you are using a personal device, you need to uninstall your current version of FortiClient before reinstalling the latest version and enabling MFA. 

Part 1 – Uninstall old client

Windows Add or Remove programs function

Click on Start and search for ‘Add or Remove Programs’.

Search for apps using Windows

Search for FortiClient under the software list.

How to uninstall FortiClient

Click on FortiClient VPN and select ‘Uninstall’.

Follow the prompts to complete the uninstallation.

Reboot your computer.

Part 2 – Install new client

FortiClient icons for Windows (32- and 64-bit)

Download the Latest version of the FortiClient from the Concordia Hub

  • Go to My CU Account ➞ Apps & Software ➞ VPN client (FortiClient)
  • Click on the Windows icon that corresponds to your system architecture (32- or 64-bit)
  • Locate the file under Downloads and run it.
  • Follow the prompts to complete the installation.
  • Once the installation is complete, open the FortiClient software from the applications folder on your computer and accept the license agreement.

Part 3 – Configure your VPN connection with MFA

  • Click: Configure VPN
  • Connection Name: Concordia VPN
  • Description: Concordia VPN
  • Remote Gateway: vpn.concordia.ca
  • Customize port: 443
  • Enable Single Sign on (SSO) for VPN Tunnel: Yes

For students, please do not enable single sign-on on your VPN unless you’ve enabled MFA on your Concordia account, doing so may lead to you being locked out of VPN

  • You will be required to provide a valid Concordia netname and password to establish a VPN connection.
  • You will receive an MFA challenge on your mobile phone, you need to approve it (or you will enter the 6 digit code from your hardware key)

Part 1 – Uninstall old client

Double-Click the FortiClientUninstaller App in your application folder.

Mac OS FortiClient Uninstaller icon

Click Uninstall, the uninstaller will run on its own.

Part 2 – Install new client

Download the Latest version of the FortiClient from the Concordia Hub

  • Go to My CU Account ➞ Apps & Software ➞ VPN client (FortiClient)
  • Click on the macOS icon to begin download
FortiClient installer for MacOS
  • Save the file to your local Drive
  • Open the FortiClient installer and select the icon marked 'Install'
  • Open the FortiClient installer and select the icon marked 'Install'.
  • Please approve access if prompted to grant access to file on the desktop.
  • Follow the prompts to proceed with the installation and agree to the terms and conditions if prompted.
  • The installer will run on its own, and a green checkmark will indicate when the installation has been completed successfully.
  • Once the installation is complete, open the FortiClient software from the applications folder on your computer and accept the license agreement.
  • Please allow FortiClient, and/or FortiTray full disk access if prompted
  • If you are not prompted to enable full disk access to the FortiClient app during the installation you will need to verify FortiClient has been added to the full disk access list, and if not, you will need to do so before creating the connection to the Concordia VPN.

Part 3 - Verify FortiClient has been added

  • Open “System Preferences” and then “Security and Privacy” 

  • From there you will open the “Privacy” tab and select “Full Disk Access” from the list

  • If FortiClient is not listed you will need to add the application to the list.

  • Click on the lock to unlock the ability to edit the settings

  • Click on the “+”, select “Applications”, choose “FortiClient”, and then click “Open”

Part 3 – Configure your VPN connection with MFA

  • Once the installation is complete, open the FortiClient software from the applications folder on your computer and accept the license agreement

  • To configure your VPN Connection

  • Click: Configure VPN

  • Connection Name: Concordia VPN
  • Description: Concordia VPN
  • Remote Gateway: vpn.concordia.ca
  • Customize port: 443
  • Enable Single Sign on (SSO) for VPN Tunnel: Yes

For students, please do not enable single sign-on on your VPN unless you’ve enabled MFA on your Concordia account, doing so may lead to you being locked out of VPN

  • You will be required to provide a valid Concordia netname and password to establish a VPN connection.
  • You will receive an MFA challenge on your mobile phone, you need to approve it (or you will enter the 6 digit code from your hardware key)

Resources and support

If you have any question or concerns, contact the IT Service Desk by email at help@concordia.ca or call 514-848-2424, ext. 7613 to speak with a Service Desk agent between 8:00 a.m. and 11:00 p.m. on weekdays.

FAQ

Many versions of FortiClient are not able to upgrade to the latest version. Uninstalling old versions prior to installing the latest version of FortiClient is the best method to achieve a clean upgrade.

FortiClient is available to all faculty and staff in your My CU account in Carrefour under “Apps and software”.  

Please contact the IT Service Desk by email at help@concordia.ca or call 514-848-2424, ext. 7613 between 8:00 a.m. and 11:00 p.m. on weekdays and between 9:00 a.m. and 4:30 p.m. on weekends.

 
Back to top

© Concordia University