General FAQ
What is a VPN and why use one?
A VPN (virtual private network) provides a secure encrypted tunnel from your computer to the CU Boulder network, on campus or off, allowing access to resources (such as library resources) that require on-campus connections.
Use of a VPN is advisable for secure internet browsing and file server access when connecting wirelessly.
When is it not necessary to use a VPN?
- When you don't need to connect to CU resources.
- When accessing OIT email with SSH or Authenticated SMTP.
- When accessing OIT servers with SSH.
- When using SSH to access servers (email or otherwise) that are registered with the Office of Information Security (OIS), and thus have an exception through the perimeter firewall to allow SSH traffic.
- When browsing the internet or making file transfers from off-campus sites.
Can I use the VPN with my smartphone?
CU Boulder's VPN service is available for both Android and iOS. Please refer to the following tutorials to learn how to connect with your smartphone:
Does a VPN offer virus or malware protection?
No. A VPN does not provide protection from viruses or malware. However, OIT offers information and recommendations for Endpoint Detection Response (EDR) software.
Is there a charge for using the VPN?
No. The campus VPN is provided as common-good service, which means there is no direct cost to users.
How long can I stay connected via VPN?
- The client version will remain connected for up to 24 hours per session (or up to 60 minutes of idle time).
- For all other web-based use, the client logs out after 60 minutes of inactivity, with a 24-hour max session.
Note: It is important to log out of all web sessions.
Do I still have access to my home network while connected to the VPN?
Yes. The campus VPN allows you to be connected to the CU Boulder network and your home network at the same time.
On which operating systems can I use the VPN?
CU Boulder's VPN service can be used with Mac, Windows, Linux, Android and iOS. Visit the campus VPN page to learn how to configure your device.
Should I use CU Secure, eduroam or Cisco VPN for my secured connection?
Refer to the chart below for usage specific usage scenarios:
| Service | Connection Location | Purpose |
|---|---|---|
| CU Secure | On campus | Provides the most securely encrypted Wi-Fi connection. Allows on-campus access to CU Boulder's file servers and other secured systems. |
| eduroam | At another eduroam institution | Provides an encrypted Wi-Fi connection. Allows access to CU Boulder's file servers and other secured systems when visiting another eduroam institution. |
| Cisco VPN | Off campus | Allows off-campus access to CU Boulder's file servers and other secured systems. |
| Custom VPN | On campus or off campus | Allows both on-campus and off-campus access to department-specific resources. |
Why did CU Boulder add multi-factor authentication (MFA) to the campus VPN?
CU Boulder added Duo MFA to the campus VPN in March 2024 to provide stronger protection for remote access to the campus's internal network and resources. Learn more about Duo multi-factor authentication.
