For IT Pros: This page contains information about ports that are blocked at the campus firewall.
The Chief Information Officer of the University of Illinois has approved blocking specific vulnerable ports at the entrance and/or exit to the campus network. These blocks are due to an increase in the number of network-based security vulnerabilities seen on campus, and follow a recommendation by the Department of Homeland Security.
In an effort to provide a stable networking environment and deter certain classes of security breaches on campus, a limited number of networking ports will be blocked at the campus entrance and/or exit.
Please note that traffic that remains internal to the UIUC campus will not be affected by these blocks. If you are using one of these ports to communicate with another system inside the UIUC campus network, the campus-perimeter firewall blocks will not interrupt that communication. Only units wishing to share files with off-campus users may encounter problems with these blocks.
The following ports will be blocked at the campus firewall to prevent
assault on the UIUC network from external sources through known
exploits:
These ports currently are not enabled even with Fully Open or +UI policies, but can be requested as an add-on using policy Group_135exempt or Group_135exempt_UI respectively.
Although this should not affect the overwhelming majority of campus network traffic, this may cause some communication issues for some particular campus units. The VPN, Off-Campus Customers can be used to re-establish this connectivity safely and securely.
If the blocks will negatively impact the functioning of your unit, and you have not already requested an exception, please have the network administrator contact the Help Desk and request that your unit be provided exception criteria.
Note that ports 1434 and 41170 will not be unblocked in the majority of cases. All the other ports on the blocking list can have exceptions made when necessary for academic and research purposes.
If your machines belong to groups that do not contain the +UI description in their names, then machines located at the University of Illinois at Chicago and at Springfield are not treated as on-campus systems in relation to the placement of the UIUC firewalls, and the other campuses cannot be exempted from the UIUC campus-perimeter firewall blocks. Networking traffic from UIC and UIS on these ports are blocked just as any other off-campus traffic would be.
If your machines belong to groups that do contain the +UI description in their names, then machines located at the University of Illinois at Chicago and at Springfield are treated as on-campus systems in relation to the placement of the UIUC firewalls, and the other campuses are exempted from the UIUC campus-perimeter firewall blocks. Networking traffic from UIC and UIS on these ports are permitted just as network traffic from UIUC would be except for those ports explicitly called out above.
For a description of the IP ranges that will be viewed as inside the firewalls in the +UI groups, see Networking, Guide to University of Illinois IP Spaces .