Skip to main content

Connect to Server Farm Machine: VPN

Connect to server farm machines via the Cornell Virtual Private Network (CU VPN) using Cisco software. 

This article applies to: Managed Servers

VPN allows remote computers to connect and assume an IP address in the Cornell address space. This allows off-campus connections to campus resources that would otherwise not be possible because of routing or firewall restrictions.

VPN users must install Cisco VPN software.

Connect Using the Campus VPN

After you install the software, when you connect to the VPN, you'll need to log in.

  1. In the Username box, enter your NetID followed by the group name as shown below:
    • If you are a CIT staff member: netID@cit.staff
    • If you are not a CIT staff member: netID@sf-vpn-ms
  2. In the Password box, enter your NetID password.
  3. You will be prompted for Two-Step Authentication.
    (See our Two-Step Login site for information on how to install this if you haven't already.)


VPN establishes a connection to a LAN on Cornell's address space. Because this LAN is subject to NUBB charges, the VPN should be used for business only. Establish a connection only long enough to accomplish the work necessary, then close it.

If you plan to take VPN out of the country on a computer or to download it while abroad, be aware that the US Department of Commerce has restricted the export of cryptographic software. The use of VPN is illegal in the following countries: Cuba, Iran, Libya, North Korea, Sudan, and Syria.

See also...

Was this page helpful?

Your feedback helps improve the site.