Skip to main content

Set Up a Departmental VPN

With a departmental virtual private network (VPN), a Cornell department, college, or unit can establish and manage VPNs for exclusive use by their staff.

This article applies to: CU VPN

The Departmental VPN option allows units to establish and manage VPNs for exclusive use by their own staff—effectively restricting access to individuals identified by and working within the unit. Departments can have one or more private networks, and individuals can be in as many as the department allows. Departmental VPNs can also be configured to require Two-Step Login.

The service consists of the secure provision of a block of IP addresses. Due to resource considerations, departmental VPNs must match the master configuration. It is not possible to do custom configurations of:  

  • Access control lists
  • Login expiration times
  • System security
  • Security 

Set Up a Departmental VPN

  1. First, choose the Active Directory group you'll use for the departmental VPN.
    • If you have an Active Directory group ready to use, continue with step 2.
    • If you need to create a new Active Directory group, see the instructions below.
  2. Decide whether you want to require Two-Step Login for your departmental VPN.
  3. Request an IP pool by sending an email to with your name and department, the name of your Active Directory group, and whether you want Two-Step Login required. You'll receive an email when the pool has been created (within 3 business days).
  4. Next, add or remove NetIDs for your group.
  5. Once your departmental VPN is ready, you can share the set up and connection procedures with your users.

Departmental VPNs that have not been used for 90 days or more may be deactivated. Network Engineering will contact the appropriate Network Administrators before deactivation occurs. The IT Security Office will then contact the appropriate Security Liaisons to remove references to the Departmental VPN in the Managed Firewall Service.

About this Article

Last updated: 

Thursday, March 5, 2020 - 8:14am


IT Professionals

Was this page helpful?

Your feedback helps improve the site.