I’m just curious. My university’s secure WiFi requires both a username and password to connect, and obviously they’re going to monitor all activity going through their network(s). But if I connect to it with my credentials, and then connect to my VPN (which I’ve successfully done), can they still see specifically what I’m doing? Or will they just see the VPN server’s IP address? I’m having a hard time visualizing this setup in my head. I guess what I’m asking is whether the login credentials take precedence over the VPN connection, if that makes sense.
They can see you’re using a VPN, they can see how much bandwidth you’re using and deduce some things like that you’re streaming video, but they won’t see any URLs or page content. They won’t know if you’re streaming Youtube or Pornhub.
No. Unless you’re using their device. If you’re using your own device without any software installed from your school then you’re fine. Also change your computer/device name to something standard.
They can only see the IP address of the VPN server your connected to and the VPN protocol it’s connecting over. Any IP requests, DNS requests or other internet traffic is tunneled though the VPN and your collages networking equipment has no way of determining what your doing.
Apart from using a VPN make sure that it doesn’t leak or use the school DNS - that’s critical for you to remain safe in addition to all the good suggestions here
Your login credentials give you access to your university WiFi - which will log all IP numbers you connect to. When you use a VPN they log/see you connecting to your VPN provider’s IP xxx.xxx.xx.xx. Now, when you connect to, say Google, that gets sent over your VPN connection. Your WiFi still sees you connecting to the same IP xxx.xxx.xx.xx and all the sites you visit see you as connecting from IP xxx.xxx.xx.xx, not your university IP uuu.uuu.uu.uu.
Most VPNs are https these days, so that means all your traffic is encrypted. Most sites also default to https - try typing in http://google.com and it will get resolved by Google as https - even though you went in over an unencrypted connection, Google changed it to encrypted.
Many public WiFi’s restrict access to some/all VPN, especially if they don’t require some kind of sign-in credentials to give you access.
Ooh, that’s interesting. Is there a way I could investigate to see if they’re using that model (besides just looking it up to see if it’s public information)?
It’s my own personal device, and the only software they’ve had me install is a client that connects to the university’s own VPN when I’m off-campus. And I’m asking this question for when I’m on-campus. But besides that it’s just the username and password on my own computer.
No. With https they still see the ip of every site you connect to, just not the content. With a vpn, they only see the one vpn ip address. Nothing else.
So what can I do to remove their certificates on my personal laptop?
I looked at all of my certificates and there is a ton of them.
How do I determine which ones are the installed certs from my company?