Last Updated: 03/27/2014


Frequently asked questions about CU-Boulder's VPN offerings.

General FAQ

What is a VPN and why use one?

A VPN (Virtual Private Network) provides a secure encrypted tunnel from your computer to the CU-Boulder network whether you are on campus or off, thus allowing access to resources (such as library resources) that require on-campus connections. Use of a VPN is advisable for secure Internet browsing and file server access when connecting wirelessly.

When is it not necessary to use a VPN?
  • When you don't need to connect to CU resources.
  • When accessing OIT email with SSH or Authenticated SMTP.
  • When accessing OIT servers with SSH.
  • When using SSH to access servers (email or otherwise) that are registered with the IT Security office, and thus have an exception through the perimeter firewall to allow SSH traffic.
  • When browsing the Internet or making file transfers from off-campus sites.
What's the difference between the web-based version of the SSL VPN and the client version?

The web-based version provides encrypted access to on-campus proxy servers for web and terminal access. The web access is particularly useful when accessing library resources from off-campus. It also supports web access to some campus file systems. The terminal proxy offers secure shell (ssh) and remote desktop (rdp) emulators. The web-based version offers flexibility since you can have access to some resources via on-campus proxy servers through one window (or tab) with no effect on any other browser windows (or tabs) or any other communications you might have open and running on your system.

The client version sends all traffic between your system and the campus network through an encrypted tunnel. This is useful for accessing on-campus file systems natively and for accessing other applications that permit access only from on-campus systems. The client version allows split tunneling which facilitates concurrent access to your local area network, the Internet, and your department's protected resources.

Can I use the VPN with my smart phone?

CU-Boulder's Cisco VPN service is available for both Android and Apple iOS. Please refer to the following tutorials to learn how to connect with your smartphone:

If you are using the custom VPN service is available for use with Apple devices. For more information visit the Install/Connect with Apple Devices (Junos Pulse Client) tutorial. Junos Pulse is not currently available for Andriod.

Does a VPN offer virus or malware protection?

No. A VPN does not provide protection from viruses or malware. However, OIT offers information and recommendations for several antivirus solutions

Is there a charge for using the VPN?

No. The VPN solutions are provided to campus as common good services. There is no charge to the user for this service.

How long can I stay connected via VPN?
  • The client version will remain connected for up to 24 hours per session (or up to 60 minutes of idle time).
  • When using VPN on a campus computer kiosk, sessions will timeout after 5 minutes of inactivity, with a 10-minute max session.
  • For all other web-based use, the client logs out after 60 minutes of inactivity, with a 24-hour max session.

PLEASE NOTE: It is important to log out of all web sessions. Forgetting to log out from a computer kiosk could give the next user access to your VPN web session.

Do I still have access to my home network while connected to the VPN?

Yes. Both the web-based VPN and Network Connect allow you to be connected to the CU-Boulder network and your home network at the same time.

On which operating systems can I use the SSL VPN?

CU-Boulder’s VPN service can be used with Mac, Windows, Linux, Android and iOS. Visit the Cisco VPN page to learn how to configure your device.