Use Cornell's virtual private network (VPN) service when you need to connect to IT resources hosted on campus, resources that would otherwise be unavailable from distant networks. CU VPN provides an added layer of security for accessing services hosted on Cornell's campus networks.
- Encrypts network traffic between your computer and the Cornell IT resources hosted on campus to protect against electronic eavesdropping.
- Provides secure access to IT resources hosted on campus that would otherwise be unavailable from distant networks.
Who Can Use CU VPN
CU VPN can be used by students, faculty, trustees, staff, those with sponsored NetIDs, and selected affiliates. It is not available for alumni and retirees.
You must have a valid NetID to use CU VPN. If you don't have a NetID--for example, some contractors or vendors--you may be eligible for a Sponsored NetID. Contact the department you're working with for more information.
Services That Require CU VPN
Here's a short list of services that require Cornell VPN when you're connecting from your home network (or other non-Cornell network):
- Academic Web Hosting (Dynamic or Static)
- CornellAD Quest ARS
- Managed Servers (Server Farm)
- Perceptive Software via WebNow
- Shared File Services (SFS)
- Alertus Desktop campus emergency notification
- Activating or renewing a license for Windows or any version of Microsoft Office except Office 365 (Your computer will prompt you when this needs to be done; once activated or renewed, licenses are good for 180 days.)
- Administrator-level access to systems and databases
In addition, some department systems may require Cornell VPN when you're off campus. Your department's IT or computer support staff can tell you if any systems have that requirement.
VPN and Cloud-Based Applications
CU VPN uses split tunneling, meaning only traffic to and from Cornell's IT resources hosted on campus use the VPN tunnel. Cloud-based services and other internet services (not hosted on campus) do not use the CU VPN tunnel. That means most of the university's IT services do not use the CU VPN. For example, Office 365, hosted by Microsoft, does not go over the tunnel. Cloud-based applications are secured using HTTPS, CUWebLogin, or Two-Step Login, but not through CU VPN.
The departmental VPN option allows units to establish and manage VPNs for exclusive use by their own staff, restricting access to individuals identified by and working within the unit. Departments can have one or more private networks, and individuals can be in as many as the department allows.
Cornell's VPN service provides an added layer of security when you're connecting from off campus to university IT resources hosted on campus. (It's required to connect to some services.)
Not applicable or information not available.