Body
Campus Firewall Port Openings
Firewall Port Opening
The Texas A&M Campus Firewall blocks all service ports by default. Requests to have a service available outside the campus firewall can be made by:
Requests may take up to 2 business days to be completed. If the request is urgent, and the 2 day timeline is not sufficient, state that the request is URGENT, and include the reason for this urgency. If you do not receive a response to your mail, call the Operations Center at 979.845.8300, and ask them to contact the Network Security Team concerning your request.
Firewall configuration for a host is based on the DNS host name of that machine (i.e machinename.tamu.edu) and not IP address. All initial firewall change requests should be made for the machine hostname and not the IP address. If the name of a machine changes, you will need to email firewall@tamu.edu regarding the change to ensure that firewall settings for that machine continue to work. If the IP address for a machine changes, but the hostname remains the same, no firewall changes are needed.
Not all ports are allowed to be opened through the campus firewall. For a listing and explanation of exceptions allowed through the firewall, see Firewall Ports Restrictions.
Authorization to request port openings
All machines that have services visible through the firewall must have valid "owner" information, and firewall change requests must be received from the network administrator of the machine.
Requests for changes to the firewall must come from the administrator of the machine as recorded in Infoblox. Requests received from anyone else will be forwarded to the machine's administrator for approval. Because of the high turnover rate of student administrators, we do not accept firewall change requests from students unless approved by a full-time staff member in the department hosting the machine.
Configuration and security of port openings
Computers must be secured before their services can be allowed through the campus firewall. The machine will be scanned for vulnerabilities, and any problems reported must be resolved before the requested ports can be opened. Also, any service open through the firewall will be scanned periodically to verify the software and configuration are relatively free of vulnerabilities. If problem are found during these scans, the owner will be notified and we will work with you to help secure the service.