skip navigation

VPN for Off-Campus Users (Wired and Wireless)

CITES > VPN > about > off-campus

Introduction

If you're an off-campus user and access UIUCnet through a third-party Internet Service Provider (ISP), the Virtual Private Networking (VPN) system can provide you with a unique benefit. For users of off-campus wired networks, the VPN system provides an on-campus identity that is essential for access to some University resources. For users of off-campus wireless networks, including in local coffeehouses and bookstores, using the VPN system provides you with wired-equivalent security as well as an on-campus identity.

Certain UIUCnet services (most notably the Library's special online collections) will provide full access only to computers that have a UIUCnet IP address, and the number of services with restrictions will continue to grow. The VPN system is the only way for off-campus users connecting through third-party ISP connections to claim a UIUCnet IP address in order to access these restricted services.

When you won't need a UIUC IP address to access UIUC services

You can access the most common UIUCnet services, such as CITES Express Email, public web servers, and Bluestem-protected pages, without a UIUCnet IP address.

(Bluestem-protected pages include sites such as the Human Resources department's NESSIE and many departments' internal web sites. For more information about Bluestem, see Bluestem for campus users.)

When you will need a UIUC IP address to access UIUC services

Firewall restrictions: The number of servers requiring a UIUCnet IP address will continue to increase as a result of campus firewall service plans that permit network and system administrators to restrict non-UIUCnet access to groups of machines. The restriction options available range from "accessible by any IP address" to "accessible only by UIUCnet addresses." Intermediate levels of restriction allow worldwide access to some but not all of the services on a machine in that category.

If the machine you are trying to connect to has been placed under partial or complete UIUCnet firewall restrictions, you will be able to access it only when your machine identifies itself as part of the UIUCnet network. That means either being on campus and using campus-provided connections, or using the VPN server with a third-party ISP connection.

Library special collections: The Library's special online collections also require UIUCnet IP addresses in order to grant access. From an on-campus location, your computer's UIUCnet IP address is already granted. However, if you're working off campus, your computer isn't affiliated with UIUCnet even though you still belong to the University.

Therefore, logging in through the VPN (with a special Library-specific profile explained in more detail here) and claiming an on-campus IP address from your off-campus location establishes that you are a University affiliate and that you have the right to access their special collections.

When you may need more assistance to connect

If access to a service is restricted to a certain subset of the UIUCnet IP range and the addresses assigned by the VPN server are not part of that list, using the VPN server will not completely eliminate your remote access problem. In this case, contact your network administrator or system administrator to ask for the VPN server's IP addresses to be added to the list of permitted IP addresses, and to clear up any details regarding any possible additional authentication requirements expected by that system.

If you have a firewall and/or a cable modem between your location and the VPN system, you may have some additional difficulties making a VPN connection. For more information, see the Troubleshooting a Wired or Off-Campus VPN Connection page.