Skip to main content



Secure connection to Cornell's IT resources hosted on campus

Use Cornell's virtual private network (VPN) service when you need to connect to IT resources hosted on-campus, resources that would otherwise be unavailable from distant networks. CU VPN provides an added layer of security for accessing services hosted on Cornell's campus networks. 


  • Encrypts network traffic between your computer and the Cornell IT resources hosted on-campus to protect against electronic eavesdropping.
  • Provides secure access to IT resources hosted on-campus that would otherwise be unavailable from distant networks.

Who Can Use CU VPN

CU VPN can be used by students, faculty, trustees, staff, those with sponsored NetIDs, and selected affiliates. It is not available for alumni and retirees.

You must have a valid NetID to use CU VPN. If you don't have a NetID--for example, some contractors or vendors--you may be eligible for a Sponsored NetID. Contact the department you're working with for more information.

Services That Require CU VPN

Here's a short list of services that require Cornell VPN when you're connecting from your home network (or other non-Cornell network):

  • 10-Space
  • Academic Web Hosting (Dynamic, Static)
  • CornellAD Quest ARS
  • Managed Servers (Server Farm)
  • Net-Print
  • Perceptive Software via WebNow
  • Shared File Services (SFS)
  • Alertus desktop campus emergency notification
  • Activating or renewing a license for Windows or any version of Microsoft Office except Office 365 (your computer will prompt you when this needs to be done; once activated or renewed, licenses are good for 180 days)
  • Administrator-level access to systems and databases

In addition, some department systems may require Cornell VPN when you're off-campus. Your department's IT or computer support staff can tell you if any systems have that requirement.

VPN and Cloud-Based Applications

CU VPN uses split tunneling, meaning only traffic to and from Cornell's IT resources hosted on campus use the VPN tunnel. Cloud-based services and other internet services (not hosted on campus) do not use the CU VPN tunnel. That means most of the university's IT services do not use the CU VPN. For example, Office 365, hosted by Microsoft, does not go over the tunnel,. Cloud-based applications are secured using HTTPS, CUWebLogin, or Two-Step Login, but not through CU VPN.

Departmental VPNs

The departmental VPN option allows units to establish and manage VPNs for exclusive use by their own staff, restricting access to individuals identified by and working within the unit. Departments can have one or more private networks, and individuals can be in as many as the department allows.

Service Details

Cornell's VPN service provides an added layer of security when you're connecting from off campus to university IT resources hosted on campus. (It's required to connect to some services.)


No Fee

Regulated Data:

Not applicable or information not available.

Support Contact:

Was this page helpful?

Your feedback helps improve the site.