Network & Internet Access♯
CTS works with the Drexel IT (DUIT) Networking group to manage physical networks in Engineering classrooms, labs, and offices. We are also able to pass along concerns about wireless signal strength.
DUIT Networking provides information and instructions for connecting a wide variety of devices to Drexel's wireless networks.
All faculty, staff, students, and researchers with valid
@drexel.edu domain account credentials should use the
Dragonfly3 wifi network. Manual and automatic configuration options for a variety of operating systems are available here.
Basic internet connectivity for visitors is provided via the
DrexelGuest network. Users connecting to this network must open a web browser to accept terms and conditions before they are allowed general internet access. Devices connected to
DrexelGuest will not be able to access most Drexel network resources.
Members of the Drexel community visiting other schools may be able to access the EduRoam system. Participating colleges and universities provide wireless access via a shared authentication system, so that Drexel users may connect using their @drexel.edu credentials. EduRoam configuration utilities are available for a variety of computer and mobile operating systems.
Other Wifi Networks♯
dragonfly is considered a legacy network for devices that don't support WPA2 & 802.1X authentication. You should consider traffic on this network to be functionally unencrypted, and should avoid using it when possible.
dragonfly-play is available in and around the residence halls for connecting entertainment devices such as smart TVs, video game systems, wireless AV, etc. The network is open and unencrypted.
CTS manages Ethernet jack activations for Engineering rooms. For inactive jacks, DUIT Networking charges $150 per port activation. If you need new Ethernet jacks installed, please contact us so we can have DUIT Networking prepare a quote (on the order of $1000).
A virtual private network, or VPN, is a method of creating an encrypted tunnel to transfer data between two devices or networks over the untrusted networks that make up the rest of the internet.
Drexel provides VPN connectivity via a server located at https://vpn.drexel.edu/. While users are able to log on directly for basic encrypted web access, we recommend that users download and install the Cisco VPN AnyConnect Client (click
Start AnyConnect once logged in) to create a fully encrypted connection and provide access to other network resources, such as file servers and printers. While connected, all traffic (except for local network traffic) from or to a computer or device will be routed through Drexel’s VPN gateway.
AnyConnect Client Installation♯
You can download the client via the Drexel software site using the following links:
- Windows installation instructions
- macOS installation instructions
- Linux and mobile OS client installers
Connecting using AnyConnect♯
Once installed, run the AnyConnect software (listed as Cisco AnyConnect Secure Mobility Client on the Windows Start Menu under Cisco and on MacOS in Applications) and enter vpn.drexel.edu as the server name. When prompted, enter your Drexel username (e.g. abc123) and password. You will then be required to complete your multifactor authentication (if you have an authenticator app configured, you'll have to approve the login request; otherwise the phone number you registered with will be called/texted with a code).
You can verify that you are on the VPN by visiting a site such as What's My IP? and confirming that the address starts with
Drexel Network IP Ranges♯
Currently, Drexel makes use of 3 different address spaces,
188.8.131.52/16 (144.118.x.x), and
10.0.0.0/8 (10.x.x.x). Aside from web servers that require the ability to serve pages to the world via the web, we recommend that all servers and workstations be firewalled to prevent connections from outside of these 3 IP ranges.
IPv4 Public Networks♯
Drexel has two publicly routable IP ranges,
184.108.40.206/16, that for years were the only networks available. For most of our Engineering spaces,
220.127.116.11/16 addresses were used for hard-wired Ethernet connections and
18.104.22.168/16 addresses were used for wireless connections. Aside from web servers, very few of the devices on our networks require incoming access from the outside world. For most computers, this direct access from outside Drexel's network is an important security concern and should be avoided whenever possible.
IPv4 Private Networks♯
Made fully available in 2016, Drexel Networking now provides multiple subnets using one of the RFC1918 address spaces
(10.x.x.x) across campus, typically with a
/22 subnet per building. Most of the addresses that are now assigned via hard-wired Ethernet in our spaces are in the
10.248.x.x range. Wi-fi addresses are usually assigned in the
10.250.x.x range. VPN connections will be assigned IP addresses in the
We do not currently use IPv6 addresses for any purposes. Certain functions in Windows 10 now requires that IPv6 be enabled, even if it is not actively used. Fully disabling IPv6 is not recommended.
Requesting a static IP address and hostname♯
CTS submits and tracks all requests for hostnames and static IP addresses as required for various computing needs. If you need a static IP / DNS entry for a host on the wired network, please contact us. Drexel Networking does not allow static IP addresses or custom hostnames for devices connected to the wireless networks.
The College of Engineering spans multiple subdomains for academic and business units, including:
coe.drexel.edu(College of Engineering)
cae.drexel.edu(Civil, Architectural, and Environmental Engineering)
chemeng.drexel.edu(Chemical & Biological Engineering)
ece.drexel.edu(Electrical & Computer Engineering)
materials.drexel.edu(Materials Science & Engineering)
mem.drexel.edu(Mechanical Engineering & Mechanics)
Acceptable Use Policy♯
All use of Drexel's networks is subject to Drexel's Acceptable Use Policy (AUP). In addition to specific guidelines covering Access Requirements, Prohibitions, and Monitoring, the general guidelines for acceptable use of the Drexel Network are based on the following principles:
- Users must behave responsibly with respect to the Drexel Network at all times.
- Users must respect the integrity and the security of the Drexel Network.
- Users must behave in a manner consistent with Drexel's mission and comply with all applicable laws, regulations, and Drexel policies.
- Users must be considerate of the needs of other Users by making every reasonable effort not to impede the ability of others to use the Drexel Network and show restraint in the consumption of shared resources.
- Users must respect the rights and property of others, including privacy, confidentiality and intellectual property.
As part of Drexel's Data Security Initiative, all data entering or exiting Drexel's networks travel through a Palo Alto firewall designed to scan for and block potentially malicious activity. As stated on DUIT's information page linked to above, this border firewall is a supplement to, not a replacement for, recommended security practices.
"Rogue" Wifi Networks♯
The Drexel Networking group forbids the use of any networking equipment, wireless or otherwise, that affects the operation of Drexel networks. Please do not run wireless routers or wireless presentation devices without first contacting us so we may assess the need and request a possible waiver from Networking.
Disconnecting suspect devices♯
The DUIT Networking team uses various methods of monitoring the network for devices exhibiting malicious behavior, which will lead to the wall Ethernet jack the device is connected to being disabled. If you are using a switch to connect multiple computers to a specific wall jack, all of the devices connected to that switch will also lose connectivity.
If you find that a network jack used by your device has been disabled, please do not attempt to move it to a new jack -- this will result in the new jack being disabled as well. Please contact CTS so we may assist with whatever remediation is required by Networking to allow the device back onto Drexel's network. Depending on the severity and cause of the device being blocked, potential steps may include thoroughly scanning and removing the cause of the behavior (if possible), recovering the device from a backup taken before infection, or a full reinstall of the device's operating system.