UTORvpn is a general, remote access, VPN service. It connects your computer to the University’s network and protects the traffic across suspect intermediate networks such as hotels and coffee shops. UTORvpn cannot be combined with other network security measures such as Anonymous VPNs or TOR. When connected, all internet traffic from your computer will pass through UTORvpn. You will sign into UTORvpn using your UTORid and password.
It can be used for easier access to library e-resources and access other services which may be restricted to general on-campus networks. UTORvpn should not be used for privileged access or other security-sensitive work; please see AdminVPN for those needs.
What can I use UTORvpn for?
Use of UTORvpn is subject to the University’s Appropriate use of Technology Guidelines. Most web browsing or common e-communications activities are permitted. Because UTORvpn protects all of your internet traffic, and this is a shared service, please be cognizant of how much bandwidth you are using.
For Service Owners
If you are the owner or operator of an IT service related to U of T, then you may need to decide to allow, or deny, access to your service for users connecting through UTORvpn.
All UTORvpn users are being connected through Carrier Grade NAT. UTORvpn connections will come from the network ranges: 138.51.26.0/24, 138.51.8.0/23, 138.51.12.0/23
Note that VPN client will be assigned an IP address in the network range 100.98.0.0/19 or 100.98.128.0/17 reserved for carrier-grade NAT. The address range is translated to IP range specified above to access resources on the UofT network and the Internet.
Migration Notice: UTORvpn is undergoing a migration from OpenVPN to Cisco’s ASA VPN. For LegacyVPN documentation, see http://vpn.utoronto.ca/
- Information Commons Help Desk
- 130 St. George Street
- Robarts Library, 1st floor
- Phone: (416) 978-4357
- E-mail: help.desk@utoronto.ca
- Website: https://onesearch.library.utoronto.ca/ic-help-desk-knowledge-base
- Hours:
- Monday to Friday - 8:30 a.m. to 9:00 p.m.
- Saturday - 11:00 a.m. to 3:00 p.m.
- Sunday - 1:00 p.m. to 5:00 p.m.
- UTM Information & Instructional Technology Services
- 3359 Mississauga Road
- CCT Atrium
- Phone: (905) 828-5344
- E-mail: helpdesk.utm@utoronto.ca
- Website: https://www.utm.utoronto.ca/iits/
- Hours:
- Monday to Friday - 8:00 a.m. to 8:00 p.m.
- Saturday to Sunday - 9:00 a.m. to 5:00 p.m.
- UTSC Information & Instructional Technology Services
- 1265 Military Trail
- Academic Resource Centre, AC204
- Phone: (416) 287-4357
- E-mail: helpdesk@utsc.utoronto.ca
- Website: https://www.utsc.utoronto.ca/iits/
- Hours:
- Monday to Friday - 8:15 a.m. to 5:00 p.m.
UTORvpn is available to all University Faculty, Staff, and Students identified by UTORid.
Guest accounts (with a qq prefix) or other irregular accounts cannot connect to UTORvpn.
- Users that exceed 20GBs/day will receive an automatic warning e-mail from vpn@utoronto.ca
- If suspicious/abusive patterns are identified while using UTORvpn, further action may be taken to protect your account and the integrity of the service. Before starting any leisurely activities, users are advised to disconnect from the service.
- Dynamic Split Tunnelling has been integrated into UTORvpn, which makes users exclude specific domains from the UTORvpn service. That is, if a user attempts to access an excluded domain (e.g. YouTube), access would be dependent on the user's ISP (internet service provider), and any usages on the excluded domain would not contribute to the 20GBs/day cap.
In addition, UTORvpn blocks:
- Nameserver (port 42)
- DHCP (ports 67-68)
- TFTP (port 69)
- NETBIOS (port 139)
- SNMP and SNMP trap (ports 161-162)
- Microsoft Directory Service (port 445)
- Ports 593, 707, and 4444
If your service requires additional protocols or ports, please contact us with your business justification. Requests will be reviewed in the context of the service’s intended use and the University’s overall security posture. If your use-cases is limited to specific individuals please consider our AdminVPN service.
If you are identifying bad conduct originating from the UTORvpn network range, please contact us.
List of excluded domains for dynamic split tunnelling: YouTube
- youtube.com
- youtube-nocookie.com
- ytimg.l.google.com
- googlesyndication.com
- ytimg.com
- googlevideo.com
Microsoft Teams, Skype, SFB
- lync.com
- skype.com
- skypeforbusiness.com
- teams.microsoft.com
Netflix
- netflix.com
- btstatic.com
- nflxext.com
- nflximg.com
- nflximg.netnflxvideo.net
Zoom
- zoom.us
Webex
- webex.com
Amazon Prime Video
- primevideo.com
Goto Meeting
- gotomeeting.com
Some FAQs are directly linked with Enterprise Service Centre's Knowledge Base. If you initially receive an error that states "Article not found", login using your UTORid and then try again.
Note: LegacyVPN was initially intended to be decommissioned, but in response to the COVID-19 pandemic, the decision to decommission LegacyVPN is temporarily suspended until further notice. See the "News" tab for further updates. If you do not have any prior knowledge of LegacyVPN/OpenVPN, please use Cisco AnyConnect.