skip to content

IT Help and Support

University Information Services
 

UIS provides a VPN service to access resources restricted to users on the University Data Network (UDN) from outside. In addition, some institutions have a managed VPN that provides access to resources restricted to their own networks. Members of the Unified Administrative Service (UAS) and other users of the Administrative Computing Network (ACN) will need to use different remote access and VPN methods.

What is the VPN service and when should I use it?

The VPN service is a way of connecting your device to the UDN from a remote location. When using the VPN, not only is your device connected to the UDN but it appears to actually be located on the UDN (by making connections to services, it appears to be coming from a UDN IP address).

This means that you can access resources that normally require you to be at the University, using a UDN-connected device. Examples of such services include:

  • UFS
  • Departmental or College resources
  • Some restricted access websites.
     

Are there alternatives to the VPN service?

Yes, for some resources it is better to use alternatives and not the VPN. Examples include:

  • Access to online journals for which the University has a subscription; most of these resources are available by using your University account (formerly Raven)
  • Other Cambridge websites using your University account to authenticate user access.
     

How do I use it and how much does it cost?

The VPN service is free and anyone with a valid CRSid can use it. You do not need to apply to use the VPN because it uses a Network Access Token username and password you've created on the tokens website, just like the eduroam wireless network. It's best to create a separate token for each device you use for to connect to the VPN.

Setup instructions for systems currently supported are listed in the navigation (found either to the left of this page or in the drop-down menu on mobile devices).
 

Additional information

When you connect to the VPN your device will receive a UDN-wide private IP address.

Your connected device acts only as a client. This means it may connect to services and receive return traffic, allowing you to access resources as expected. However, your device is unable to act as a server when you are connected to the VPN. In other words, other hosts cannot connect to any service you run on your device when you are connected to the VPN.

Users of this service should note that, depending on the platform used and the means by which the remote computer is connected to the external ISP, the configuration of the remote computer, the client software and possible intermediate devices such as firewalls can be complex, requiring a substantial degree of technical competence. UIS will help with correctly configuring a device to connect to the VPN (via our Service Desk). Because of the variety of network connections and ISPs, UIS cannot undertake to provide support in configuring or sorting out problems relating to remote network connectivity.

A managed version of the VPN is available to institutions as the Managed VPN Service. This allows institutions to offer their own VPN (with their own server address and client subnet) using the UIS infrastructure.

Accessing the VPN from within the University

It is possible to access the VPN from a host already connected to the UDN, but this should be done for testing purposes only. The VPN service is deliberately configured to limit the amount of traffic passing along it when the connecting device is already connected to the UDN. This prevents unnecessary use of the VPN resource and also helps guard against misuse of the service.

Scheduled maintenance

You can see the VPN maintenance window on the vulnerable periods page. Users should expect disruption until maintenance is complete and the service marked as green on the UIS Service Status page.