• Portal
• Calendar
• A-Z Index

Find it

• About ITS
• Policies
• Feedback
• Search ITS
• ITS A-Z Index
• System Status

Yale VPN (Virtual Private Network)

Yale VPN (Virtual Private Network) provides a method for using a public network (usually the Internet) to securely access a private network.  Yale VPN allows clients connecting from a non-Yale Internet Service Provider (ISP) access to campus resources as if they are directly connected to the campus network.

VPN is REQUIRED for a connection:

• Via a private ISP (Internet Service Provider) to access restricted services and resources on the University and Yale-New Haven Hospital (Y-NHH) network
• Via medical campus public wireless access points
• To all Yale-New Haven Hospital resources
• If you require remote access to Yale systems (e.g., IDX) or on-campus workstations (e.g. via Remote Desktop Protocol [RDP]) containing ePHI, you must do so using a University-provided, fully managed encrypted computer via a Virtual Private Network (VPN) connection.  

Recommended VPN clients

Cisco AnyConnect (preferred client for secure VPN connections)

The Cisco AnyConnect VPN client supports 64 and 32 bit versions of Windows 7, Windows Vista, and Windows XP as well as MAC OS versions 10.5 and 10.6 and also Linux.  The AnyConnect client replaces the older IPSec VPN client although the IPSec client will continue to be supported.

• AnyConnect web client (Managed Workstation machines)
• AnyConnect VPN client via the ITS Software Library (not available for Managed Workstation machines)
• Install and configure Cisco AnyConnect Client for your iPhone or iPad [PDF]

Cisco IPSec client (Required for Y-NHH systems)

The IPSec client has been the traditional VPN client for many years and will continue to be supported.  However, it is not being developed by Cisco and there are no plans to provide 64 bit OS support.

The IPSec client is still needed if you:

• Require access to Y-NHH applications
• Need to establish a VPN connection before Windows logon (e.g., mobile Managed Workstations)
• Need to launch a VPN session while using Terminal Services (ie, Remote Desktop)

If you need to install the IPSec VPN client visit the ITS Software Library.

L2TP VPN connection

For situations where installation of a VPN client is not an option, the Yale VPN servers support an L2TP connection.  Note: PPTP connections are not supported by the new VPN servers. 

• Instructions for converting existing PPTP connections to L2TP - Windows XP or Vista
• L2TP connections – Windows 7

A new L2TP connection can also be set up by following the general instructions for creating a VPN connection from Windows.

Mobile devices

For handheld devices that cannot support the AnyConnect client, an L2TP connection replaces the older PPTP connection which is no longer available.  For handheld devices, the older IPSec client may be also be an option.

• Visit the mobile technology website for VPN configuration information .

Eligibility

All active Yale NetIDs are automatically authorized to use the VPN service. No registration process is required.

Support

If you have any questions, contact the Help Desk at 203-432-9000 or email helpdesk@yale.edu or contact your local support person.

Terms of Use / Policy

VPN provides excellent network security, but should only be used from an appropriately secured computing device. Similar to on-campus network connections, making a Yale VPN connection is safe if your computer is properly secured.   See the Systems and Network Security procedure for further information.

Making a Yale VPN connection from a home/remote computer behind a hardware firewall (e.g., Linksys box) puts your computer at risk if the computer is not properly secured. A computer behind a hardware firewall is invisible on the Internet, but once you make a Yale VPN connection that computer becomes visible on the Internet. You are exchanging your ‘private’ IP (not routed over the Internet) for a ‘public’ Yale IP (is routed over the Internet). Once you make a VPN connection your computer is exposed to attacks from both the Yale network and the Internet.

While using VPN, your computer is part of the Yale network and as such is accountable to all of University IT and ITS Policies.

 

Order or change service

The latest VPN software with configuration and installation instructions can be downloaded from the Yale Software Library.  

There is no charge for the VPN service, however, some specialized devices (specifically PDAs) may require the purchase of additional software.

Related links

• Accessing Yale resources from home and away
• Yale Proxy Service
• Proxy Server, Medical Library
• VPN statistics
• VA.gov research data security
• Y-NHH software and information