Potential CSRF Attack
Problem Description
When a user attempts to connect to the NMU VPN, a web browser (such as Google Chrome) opens so they can sign in using the NMU Single Sign On (the NMU sign in screen, AKA NMUSSO). When the user tries to sign in, they receive a "Potential CSRF Attack Detected" error. This is a bug that happens from time to time within the code, so we have a couple of solutions to get the sign in working again.
Clearing Browser Cache, Cookies, & Site Data
- If your browser of choice is not in this list, note that it is impossible to list these steps for every browser that exists. New browsers are being released daily and current ones are still being updated, so these steps may easily fall out of date.
- You can search the web for: "How to clear cache, cookies, and site data from all time on <web browser name here>". That will typically yield the best and most up-to-date results for finding that web browser's specific way to clear its old data.
- Make sure the time range is set to "All time" and the data being removed is anything that says: "cache", "cookies", "site settings", or "site data".
- If you have not already done so, turn your computer completely off then back on.
- Make sure your computer is up to date and there are no available updates to run.
Google Chrome
1. Select the three dots in the top right corner of the browser.
2. Select the option that says "Delete browsing data...".
Steps 1 - 2:
3. At the top of the window that opens up, make sure the "Advanced" tab is selected (it will appear with an underline).
4. Make sure "Time Range" is set to "All time".
5. Select the following items: "Cookies and other site data", "Cached images and files", and "Site settings". You do not have to select your "History" or "Download History".
Important fields listed in Step 5:
We see in the previous screenshot that "Site Settings" does not show up right away. Use the scroll bar by clicking it and dragging it down to locate "Site Settings" before proceeding to Step 6 (selecting "Delete data").
The part of Step 5 containing "Site settings":
6. Select "Delete data" upon completion of Step 5.
Firefox
1. Open the three horizontal lines in the top right corner of the browser.
2. Locate the "Settings" option and open it.
Steps 1 - 2:
3. On the left-hand side, locate the "Privacy & Security" tab and open it.
The "Privacy & Security" tab:
4. Scroll down until you locate "Cookies and Site Data". Open "Clear Data...".
The "Cookies and Site Data" header including the "Clear Data..." button:
5. For the "When" field, make sure it says "Everything". Make sure the boxes that say "Cookies and site data", "Temporary cached files and pages", and "Site settings" have the check mark showing next to them.
The fields for "When", "Cookies and site data", "Temporary cached files and pages":
We see in the previous screenshot that "Site Settings" does not show up right away. Use the scroll bar by clicking it and dragging it down to locate "Site Settings" before proceeding to Step 6.
The part of Step 5 containing "Site settings":
6. Select "Clear" when everything listed in Step 5 is selected for deletion.
Microsoft Edge
1. Click the three-dot menu at the top right corner of the browser.
2. Select "Delete browsing data...".
Steps 1 - 2:
3. In the window that opens up, select the arrow under "Time range" and select "All time". Then make sure that the check box is checked for "Cookies and other site data", "Cached images and files", and "Site permissions".
Step 3:
To find "Site permissions" you will need to click the scroll bar at the right of the menu, and drag it down.
Make sure "Site permissions" is also selected:
4. Select "Clear now".
iOS
Note: as a result of this process, you will lose all of your web history and any open tabs inside the Safari app on your device. You may want to open them up and save their links in another place to re-visit them at a later time.
- Open the "Settings" App, and locate "Apps" inside the settings. Scroll down or search for Safari.
The Settings App will look like this:
The "Apps" option:
- Scroll down after opening the "Apps" option and select Safari.
The Safari icon:
- Scroll down until you locate the header, "HISTORY AND WEBSITE DATA".
The header:
- Press "Clear History and Website Data".
- Where it says "CLEAR TIMEFRAME" select "All history" and make sure the checkmark is next to it.
The "CLEAR TIMEFRAME" and "All history" options:
- Press the button that says "Clear History".
Note: this will sign you out of any websites you may have previously signed into in Safari. This will also sign you out of MyNMU.
Try A Different Web Browser
There may be a setting inside the web browser preventing the sign in from working. An easy way to check this is trying a different browser.
1. Open the Cisco VPN and enter the nmuvpn.nmu.edu address in the address field. If it asks for a group, click the drop-down arrow and select "NVPNSSO".
2. It will open up a web browser with our normal NMU Single Sign On (NMUSSO) screen.
3. Select and copy the entire link from the address bar that starts with "myuser.nmu.edu/NMUsso".
4. Locate a web browser that is different than the one it opened up in by default. If it opened in Chrome, try opening Firefox.
5. Paste the link in the address bar of that different web browser.
6. Try signing in again once the NMU sign in screen that says "NMU VPN" appears in the new web browser.