Networking, Firewall, Service Plan Details
For IT Pros This page contains links to information about the different settings available in the campus firewall groups available for use by campus IT pros.
Because no two departments on campus are the same, several firewall plans are provided to serve a variety of needs. The group model allows departments to benefit from the protection of the firewalls that are already in place at the entrance and exit of the campus network, while also allowing Technology Services to maintain a manageable and flexible rule set on the campus firewalls.
The firewall groups without "+ UI" in their titles treat the Springfield and Chicago campuses as external to the Urbana firewall. The groups with "+ UI" identifiers treat all three University of Illinois campuses as within the firewall. See Networking, Guide to University of Illinois IP Spaces for a list of the IP ranges that are treated as internal network space in the +UI firewall groups.
Click on a firewall group's name for more details.
Fully Closed + UI
(Fully Closed is the default group)
Desktops Fully Closed + Remote Administration
Fully Closed + Remote Administration + UI
Only SSH and Apple remote administration ports (22, 3283, 5900, and 5988)
If you require Windows RDP access you can use the campus RDP Gatway: rdpgateway.illinois.edu
Desktops Mostly Closed
Mostly Closed + UI
Only the most popular services such as web, email, and file transfer. (Port list) Web/email servers Mostly Closed + Remote Administration
Mostly Closed + Remote Administration + UI
Popular services such as web, email, and file transfer plus remote administration ports. (Mostly Closed port list + remote administration port list) Web/email servers Mostly Open
Mostly Open + UI
All except web, mail, and a selected assortment of other services. (Port list) Other servers Fully Open All except ports always blocked at the campus firewall Special cases
Private IP space, NAT, and campus firewalls
Private IP space is comprised of IP addresses that can be used internally within the campus network, but are not routed on the Internet. Networking, Guide to University of Illinois IP Spaces explains the private IP ranges available and the recommendations for their use.
Computers which are hosted in private IP space can connect to the Internet with the help of Network Address Translation (NAT), which maps the computer's private IP address to a public IP address.
If you are interested in using NAT with private IP space, contact Network Engineering. NAT is most useful for large networks that can free up many large IP blocks.