The University of San Francisco: Information Technology Services
Network and Web

VPN FAQ

What is a VPN?

A Virtual Private Network is a set of technologies that create secure communication paths between the private campus network and computers on insecure networks such as the Public Internet.

The “howstuffworks.com” website has a great analogy that explains the use of VPN technology: http://computer.howstuffworks.com/vpn4.htm

Why should I use a VPN?

VPN allows you to connect to campus network resources, such as department or college file servers, from almost any location that has a connection to the Internet. Faculty and staff have connected back to the USF campus network using VPN from all parts of the world.

Additionally, many faculty and staff use VPN to securely connect to the campus network to telecommute from home (over DSL or Cable Broadband Internet Service Providers), hotels, conferences, or even Internet cafes.

What do I need to use VPN?

To use VPN, your computer must have the Cisco AnyConnect VPN “client” software installed. All University-owned computers have a VPN client installed. If you intend to use a personal computer, it must have the current Operating System security updates and updated Antivirus protection software, and it must meet the network security standards defined in the University Network Security Policy.

System requirements:

  • For a Microsoft Windows based computer, you must meet the following requirements:
    • Windows 7 on x64 (64-bit)
    • Windows 7 on x86 (32-bit) only
    • Windows Vista on both x86 (32-bit) and x64
    • Windows XP on x86
    • The VPN client does not support Tablet PC 2004/2005 or Windows 2000, NT, 98, and ME.
  • For a Mac OS based computer, you must have Mac OS 10.4 or above.
  • A stable Internet connection (e.g. Cable Broadband, DSL, etc.)

Should I use the VPN service if I am on campus?

If your computer is physically connected to the USF campus network by an Ethernet cable, you should not need to use VPN.

If you are connected to USFwireless, you may need to use VPN to access a secured system such as Banner or a department File Server, or to use a Network Printer. USFwireless does not have encryption enabled, and only internal web servers (e.g. USF Connect, Blackboard, etc.) that use SSL (Secure Sockets Layer) are accessible through USFwireless via HTTPS without VPN.

As a best practice, you should never log in to a website that does not have HTTPS enabled with a valid SSL certificate. Username and Password credentials submitted over a non-SSL website are sent in “clear” text and can easily be intercepted.

When I type my password in the VPN client logon is it encrypted?

The password is encrypted using the same encryption strength used to encrypt the data communication (AES-256 bit encryption). AES-256 is widely considered to provide a high level of security for data encryption.

Does the VPN client provide firewall services?

No. The purpose of the VPN is to secure the transmission of your data, whereas a firewall filters (allows or denies) and controls data communication between your computer and other computers or networks. The Cisco AnyConnect VPN client does not have integrated firewall services.

I have a home network and use a Wireless Router. What IP addresses should I assign my machines at home so as not to conflict with the VPN service?

We recommend using IP addresses in the 192.168.x.x range, which is the default network address range used by most consumer-level routers that provide DHCP services. If possible, do not use the 172.16.x.x/12 range, which may conflict with the range used by the USF campus network.
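The check described in this answer, as an added example that is not part of the original FAQ: it classifies a home LAN setting against the two ranges named above and shows which addresses the /12 actually covers. The function names and sample addresses are constructed for illustration, and the campus range is assumed to be exactly 172.16.0.0/12 as the FAQ text suggests.

```python
import ipaddress

# Range the FAQ says may conflict with the campus network ("172.16.x.x/12").
# Assumption: taken literally as 172.16.0.0/12 (172.16.0.0 - 172.31.255.255).
CAMPUS_RANGE = ipaddress.ip_network("172.16.0.0/12")
# Range the FAQ recommends for home networks ("192.168.x.x").
RECOMMENDED_RANGE = ipaddress.ip_network("192.168.0.0/16")


def classify_home_network(cidr):
    """Return 'conflict', 'recommended' or 'other' for a home LAN in CIDR form.

    Accepts a router address with prefix (e.g. 172.20.1.1/24), as shown on
    most router admin pages; strict=False reduces it to its network.
    """
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4:
        return "other"
    # overlaps() also catches a home network that *contains* the campus range.
    if net.overlaps(CAMPUS_RANGE):
        return "conflict"
    if net.subnet_of(RECOMMENDED_RANGE):
        return "recommended"
    return "other"


def report(cidrs):
    """Map each home LAN setting to its classification."""
    return {cidr: classify_home_network(cidr) for cidr in cidrs}


# Constructed sample router settings, not taken from any real network.
SAMPLE_HOME_LANS = [
    "192.168.1.1/24",   # typical consumer router default
    "172.16.0.1/24",    # first address block inside the /12
    "172.31.255.1/24",  # last /24 inside the /12
    "172.32.0.1/24",    # just outside the /12: no conflict with that range
    "10.0.0.1/24",      # private, neither recommended nor conflicting here
]

if __name__ == "__main__":
    for cidr, verdict in report(SAMPLE_HOME_LANS).items():
        print(f"{cidr:<18} {verdict}")
```

A "conflict" result means the home LAN shares address space with the range the FAQ warns about, so renumbering the router into 192.168.x.x avoids the ambiguity.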

How strong is the encryption used in the USF VPN service?

USF VPN is configured to support AES (Advanced Encryption Standard) with a key length of 256 bits. AES-256 is considered to be a very strong encryption algorithm and is the same algorithm commonly used by financial institutions for online banking transactions.