External Access to the Network (VPN)

Authentication is not equal to encryption. On public networks you authenticate with a password, but the data traffic remains unencrypted. A "UZH Virtual Private Network (VPN) connection" is used to encrypt public connections so that UZH members outside the UZH buildings have secure access to the UZH network, just as if they were sitting in the middle of it, just as if they were connecting directly to the UZH network.

You do not need any additional software to establish a VPN connection. All you need is an existing Internet connection and an active network connection configured with UZH-specific (encryption) parameters, as described below step by step.

ATTENTION: New shared secrets have been set for VPN, which must be changed at regular intervals. If you want to change the shared secret only, you will find instructions here: Change Shared Secret

Managed Clients by the Central IT - VPN configuration

Windows / macOS

For the digital workstations managed by the ZI, it is sufficient to install the "UZH VPN" in the Software Center.

Institute owned or BYOD-Computers

Windows - VPN configuration

1.) Open the Network and Sharing Center in the Control Panel

With Windows 10 and 11, you need to go to the classic Control Panel view to successfully create a VPN connection.

: Zoom

Call the Network and Sharing Center via...

key combination 'Windows key' + 'R', type 'control panel' and click 'Enter'.
Mouse: Windows Start > context menu command 'Run' > enter 'control panel' > OK

(If "Network and Internet" appears, please set the view by 'Small icons'.)

2.) Create new adapter

: Zoom

Select ...

'Set up new connection or network.'
'Connect to the workstation.' Click Next and ...
'Use my Internet connection (VPN)'.

3.) Specify Internet address (server) and name

: Zoom

Internetadress: uzhvpn1.uzh.ch or uzhvpn2.uzh.ch.
(vpn.uzh.ch does not work here because load balancing is not supported by the L2TP client).
Target name: Enter any descriptive name for the VPN connection (e.g. UZH VPN).
Finally click on 'Create'.

4.) Call up (connection) properties

: Zoom

Go back to the "Network and Sharing Center" (see point 1), click on "Change adapter settings" in the left selection and select the context menu command "Properties" (right click with the mouse) of the adapter you have just created.

5.) Set VPN type & authentication

: Zoom

Click on the "Security" tab.
VPN type: "Layer 2 tunneling protocol with IPsec (L2TP/IPSec)".
Authentication: "Allow the following protocols" > "Unencrypted password (PAP)".
Click on the "Advanced Settings" button.

6.) Specify advanced properties (group key)

: Zoom

Select the option "Use pre-installed key for authentication".
Key (shared secret): group password of the UZH connection profile ALL
(see Remote Access-VPN-Profile).
Confirm all windows with "OK".

Congratulations! You have successfully established the VPN connection.

7.) Open and establish VPN connection

: Zoom

Click on the network icon in the Windows taskbar (usually in the lower right corner) (1).
and select the VPN connection you just set up (e.g. "UZH_VPN") (2).
Alternatively, in the network connections (adapter settings), double-click the VPN connection you just set up (1) and select it in the page list that appears
Click on "Connect". (3)
Log in with your user name (short name) and Active Directory password (4).
Confirm with OK (5).

Mac OS X - VPN configuration

1.) Open system settings

: Zoom

Open the system settings via the apple menu.

2.) Open Network Settings

: Zoom

Find and open the "Network Settings".

3.) Create new connection

: Zoom

Click on the "+" (plus sign) at the bottom left.
(If greyed out, click on the padlock at the bottom to disable the security mechanism).

4.) Select port, type and name

: Zoom

Connection: Select VPN.
VPN Type: Select Cisco IPSec.
Service Name: Enter "UZH".
Click on "Create".

5.) Enter server address and user data

: Zoom

Server address: vpn.uzh.ch
Account name: Your UZH short name.
Password: Your VPN password
Activate the checkbox "Show VPN status in the menu bar".
Click Identification (or Authentication) Settings.

6.) Specify group key and name

: Zoom

Key ("Shared secret"): Our Group Password.
Group Name: Our Group Name
Confirm by clicking on "OK".

You can find the group key and the group password here
(Log in with UZH Shortname and WebPass password if required).

7.) Open VPN connection

: Zoom

You can start the VPN connection via the "Network settings" (see points 1 and 2) or via the VPN symbol in the menu bar (see next point 8). Authenticate yourself with your VPN user data (UZH Shortname).