Select Page

Firewall Access Request

To strengthen our network security, SEASnet is transitioning from a fully “open” to a fully “closed” network policy. This change means that devices connected via wired (Ethernet) connections will no longer be accessible from outside the SEASnet network. However, outbound traffic from inside the network will remain unaffected.

What This Means for You

  • For Standard Desktop Users: No action is required. Your day-to-day operations will continue as usual.
  • For Server or Publicly Accessible Services: If your device requires public accessibility, you must request specific ports to be opened for proper communication.

Examples of Port Requests

  • SSH access: Request TCP port 22.
  • Web server access: Request TCP ports 80 and 443

 

How to Request Firewall Access

To request port openings, complete the form below and provide the following details:

  1. The reason your device requires certain port(s) to be publicly accessible.
  2. Information about the services running on your device.

Ensure you understand the technical requirements for your device before submitting your request.

 

Alternative Access via UCLA Campus VPN

For secure access to common services, we recommend using the UCLA Campus VPN. Once connected, you can access the following services from most devices:

Service TCP/UDP/Other Port #(s)
SSH TCP 22
Apple Remote Desktop/Apple Remote Management Services TCP/UDP 3283
Windows Remote Desktop TCP 3389*

Note: Due to external restrictions, Windows Remote Desktop (port 3389) cannot be opened to the entire internet.

 

Important Notices

  • Security Reminder: Opening ports exposes your device to the internet. Consider using the secure VPN method whenever possible.
  • No Charge: While this service is free, a valid recharge ID is required to process requests.
  • Processing Time: Requests are typically reviewed and processed within 1-2 business days.

 

Upcoming Policy Changes

To enhance security further, SEASnet will introduce an annual review and renewal process for IP addresses and open ports. This ensures ongoing compliance with security standards.