VPN - FAQ

Frequently asked questions about CU Boulder's VPN offerings.

General FAQ

What is a VPN and why use one?

A VPN (Virtual Private Network) provides a secure encrypted tunnel from your computer to the CU Boulder network whether you are on campus or off, thus allowing access to resources (such as library resources) that require on-campus connections. Use of a VPN is advisable for secure Internet browsing and file server access when connecting wirelessly.

When is it not necessary to use a VPN?
  • When you don't need to connect to CU resources.
  • When accessing OIT email with SSH or Authenticated SMTP.
  • When accessing OIT servers with SSH.
  • When using SSH to access servers (email or otherwise) that are registered with the Office of Information Security (OIS), and thus have an exception through the perimeter firewall to allow SSH traffic.
  • When browsing the Internet or making file transfers from off-campus sites.
Can I use the VPN with my smart phone?

CU Boulder's Cisco VPN service is available for both Android and Apple iOS. Please refer to the following tutorials to learn how to connect with your smartphone:

Does a VPN offer virus or malware protection?

No. A VPN does not provide protection from viruses or malware. However, OIT offers information and recommendations for several antivirus solutions

Is there a charge for using the VPN?

No. The VPN solutions are provided to campus as common good services. There is no charge to the user for this service.

How long can I stay connected via VPN?
  • The client version will remain connected for up to 24 hours per session (or up to 60 minutes of idle time).
  • For all other web-based use, the client logs out after 60 minutes of inactivity, with a 24-hour max session.

PLEASE NOTE: It is important to log out of all web sessions.

Do I still have access to my home network while connected to the VPN?

Yes. Both the web-based VPN and Network Connect allow you to be connected to the CU Boulder network and your home network at the same time.

On which operating systems can I use the SSL VPN?

CU Boulder’s VPN service can be used with Mac, Windows, Linux, Android and iOS. Visit the Cisco VPN page to learn how to configure your device.

Should I use eduroam or Cisco VPN for my secured connection?

In general, it is best practice to use eduroam for most secured on-campus connections, while Cisco VPN should be used for secured off-campus connections. Refer to the chart below for usage specific usage scenarios:

ServiceConnection LocationPurpose
eduroamOn-CampusCreate on-campus secure connections that allow users to access file servers and other secured systems, as well as securely browse the internet.
Cisco VPNOff-campusGain access to campus resources (e.g. library resources, file servers) from off-campus.
Custom VPNOn-campus and off-campusIn order to to access department specific resources, custom VPN connections should be used on and off campus.
Why has CU Boulder added multi-factor authentication (MFA) to the campus VPN?

CU Boulder added Duo MFA to the campus VPN in March 2024 to provide stronger protection for remote access to the campus’s internal network and resources. Learn more about Duo multi-factor authentication.