Windows: Set up and Test Cisco VPN's Start Before Logon (SBL) Feature

Lehigh computer users that work frequently from off-campus locations may find it necessary to make a connection to the Lehigh network via VPN _before_ logging into their computers (either their cached credentials have aged out, or they've not logged into this system before).  The VPN client (Cisco AnyConnect) can be configured to enable this by following the steps below.

1.  In a web browser, go to, and download and install the Cisco AnyConnect Secure Mobility client by clicking on 'anyconnect_latest.exe' and then double-clicking on the resulting download, and accepting all defaults.

2.  Follow the same procedure for the Cisco AnyConnect SBL installer from

After this installer finishes, restart your PC.

3. To test the functionality, at the Windows Log on screen, click the 'Network Connection' icon to start the VPN connection.

Windows Log on screen

4. In Cisco AnyConnect window, type '' and then click the 'Connect' button.

VPN configuration prompt

5. At the log in window, enter your Lehigh username and password in the indicated boxes.

VPN login info

6. The 'Second Password' selects the type second factor authentication method, and can be filled out several different ways.

  1. Enter the word "push" to receive a notification prompt on your default device. This is the most common DUO method across campus.
  2. Enter the word "sms" to receive a text message prompt on your default device.
  3. Enter the word "phone" to initiate a DUO voice callback on your default device.
  4. Enter the six digit code shown in the DUO smartphone app, under the Lehigh University heading. (pictured below). This code changes

7. When the VPN connection is established, you will see a new status icon appear near the bottom of the screen, pictured right.

8. Proceed with logging into the computer using your Lehigh username and password.

9. After logging in, you will notice that your standard network drive mappings are already present, just as though you were on campus. Your VPN connection will persist as long as you are logged in. Please remember to log out when you are finished working.

For immediate help, contact the LTS Help Desk (Hours)
EWFM Library | Call: 610-758-4357 (8-HELP) | Text: 610-616-5910 | Chat |
Submit a help request (login required)