Telework Options for WPAFB Personnel

Updated 4/29/2020 @ 3:30 p.m.

HELPFUL DOCUMENTS FOR TELEWORKING
Air Force Capabilities Infographic
DoD Authorized Telework Capabilities and Guidance
Telework Decision Tree
Microsoft collaboration tools - Comparison 
Microsoft collaboration tools - Setting up
Using Outlook Web Access on your home computer

TELEWORK CAPABILITIES AVAILABLE TODAY:

Meet-Me Numbers:

• Teleconferencing for up to 50 connections per conference line
• Schedule via: https://www.tsf.wpafb.af.mil/MeetMe/ScheduleConference
• TIP:  Limited availability; reserve your meet-me early

Outlook Web Access (OWA):  https://owa.us.af.mil

• Unclassified email access from government or personal computer
• Authorized up to FOUO & PII if messages are encrypted (S/MIME – see link at bottom of email)
• **Do not save files with FOUO or PII on your personal laptop/computer
• Does not require VPN; only a CAC and a CAC reader
• TIP:  Users experiencing issues with constantly being asked for a PIN are encouraged to install ActiveClient software (link at bottom of email)

SharePoint:

• File sharing from government or personal computer
• Authorized up to FOUO if accessing from a government computer
• **Do not save files with FOUO or PII on your personal laptop/computer
• SharePoint sites migrated to O365 (sites starting with https://usaf.dps.mil/...) are available via commercial connections (no VPN required)

Government Mobile Devices (Blackberry Unified Endpoint Management – BUEM):

• Access to AFNET email, contacts, and calendar
• Authorized up to FOUO & PII when properly encrypted
• Can view, sign, and encrypt messages with soft certificates
• Can view/edit documents, and digitally sign PDFs
• Secure web browsing and access to CAC enabled websites (AF Portal, DTS, AFPC Secure, Leaveweb, MyPay, etc)
• How-to guides linked at the bottom of this email

Virtual Private Network (End User Remote Access Management - EURAM):

• Access to all AFNET resources from government computer
• Authorized up to FOUO & PII when properly encrypted
• Blue “USAF VPN Client” icon on user desktop
• Four connection servers available:  Wright-Patterson AFB, Scott AFB, JBPH-Hickam, Ramstein AB
• User’s shared files can be accessed regardless of server you connect to
• TIP:  WPAFB has been busier than the other servers, select a different server if you are unable to connect (see user guide linked at the bottom of email)
• PLEASE ONLY USE THIS OPTION AFTER YOU’VE EXHAUSTED ALL OTHER OPTIONS
• EXCEPTION:  Connect your laptop/tablet to the VPN for at least 2 consecutive hours during nights/weekends to receive updates and patches (once a week)

WHAT THE AF IS DOING TO IMPROVE TELEWORK CAPABILITES:

Quote from 16 AF to all Wing/CCs Air Force wide:  “[K]now there are many teams across various organizations working around the clock to help assure all our AF core missions.  As we move from hundreds to thousands, and potentially to hundreds of thousands of Airmen working remotely, patience and understanding is valued.  Although our AF infrastructure and capabilities were not originally built for this type of operational environment, it’s shifting by the hour & day to meet the need.”

• EURAM (VPN):  Deployed to laptops/tablets early (12 Mar 20); increased available VPN connections from 10K to 60K+ AF wide.  Constantly monitoring and making network configuration changes to increase reliability and speed
• Streaming Traffic:  DISA (DoD level) has blocked all streaming traffic (YouTube, Pandora, etc.) to ensure network bandwidth is available for mission execution
• Inbound Phone Lines (WPAFB Specific):  Increase in “meet-me” lines overwhelmed available inbound phone lines to WPAFB.  Working with the base’s service provider, a configuration change increased our max inbound phone connections from 166 to 708.  A work order was submitted to purchase even more phone lines which should be completed within the next week
• Network bandwidth (WPAFB Specific):  Working closely with DISA and AFLCMC/HNI, WPAFB increased our network bandwidth from 2.5 Gigabits/second to 3.5G/s.  New hardware is currently being configured for installation within the next week which will increase our bandwidth to between 7G/s to 10G/s

BONUS:  What Can I Do to Improve Telework & Other FAQs:

What Can I Do to Improve My Telework:

• ONLY USE WHAT YOU NEED/WHEN YOU NEED IT – if you only need to get on email, use OWA; this frees up VPN connections and bandwidth for those who need greater access
• Update your signature block with the phone number you can be reached at
• Use the VPN outside peak usage windows (1100-1600 EST); consider alternating shifts within your sections
• Connect your laptop/tablet to the VPN for at least 2 consecutive hours during nights or weekends to receive updates and patches (once a week)
• Use the links below to understand common issues/fixes at your level
• Try different a different certificate when connecting to OWA, VPN, etc.

What Are Some Common Errors When Trying to Connect to the VPN Client?

• “Credentials or account could not be found”:  Ensure you are choosing your CAC authentication certificate and not your CAC email certificate
• “Access denied by Access Policy” or “Session could not be established”:  The selected VPN server is at capacity, try a different VPN server or try again outside peak times

How to I know My Computer Name (usually asked when submitting a ticket)?

• Right click on START button and select “system.”  Scroll down to “device name,” this is your computer name

Is/will/can VPN be restricted to the most essential personnel?

• There are no “prioritized access” or “restricted access” mechanisms available to restrict access
• Restrictions on VPN use would need to be part of organizational policy and executed through users self-discipline
• 16 AF is working to create more availability/access to AFNet resources

Will machines that haven’t been on the net for a while be kicked off the domain?

• 16 AF is looking at ways to adjust this policy
• No changes yet, but intent is to ensure cybersecurity while maximizing availability

What Do I Do if I Can’t Get My VPN to Connect?

• Exhaust all other telework options (OWA, SharePoint, etc.)
• BE PREPARED TO BRING YOUR LAPTOP TO BASE; technicians cannot go to private residences to troubleshoot
• Organizations that provide their own client service support (NASIC, AFRL, AFIT, 445 AW, AFICA, etc.):  Contact your technicians via organization’s published process
• Organizations serviced by 88 CS (HQ AFMC, AFLCMC, AFSC, IMSC, 88 ABW, etc.):
  • Call the Cyber Operations Center (CyOC) @ 937-656-COMM (2666); they will give you a ticket number
  • If the problem can’t be solved over the phone, you will be instructed to bring your laptop to one of two locations:
    1. Client Support COOP Facility: 2372 Lake View Dr., Suite H, Beavercreek OH.  Client Support Technicians onsite with assist in troubleshooting your laptop.
    2. On-base to your office/desk to connect to the network for remote support.  Once connected to the network, contact our COOP Client Support team (0700-1630) @ 937-490-4660 or 904-0VPN (0876).  The technician will ask for your ticket number and computer name.  The next available technician will remotely connect to your computer to assist; you may use your computer normally while you wait for a technician
  • Please have patience as our call volume has increased significantly