Access Keys:
Skip to content (Access Key - 0)

Which ports are blocked or allowed by the firewall on MIT GUEST wireless network?

On this page:

Answer

The MIT GUEST network is intended for visitor and guest access. It can also be used for devices that do not support the security protocols necessary to connect to the MIT SECURE wireless network. For a list of devices that IS&T recommends using the MIT GUEST wireless network for, click here. Devices on the MIT GUEST network will be assigned an address outside of MIT's standard 18.x.x.x class A address block. (Network addresses on MIT GUEST will begin with 10.189.x.x.)

Blocked ports and address ranges

The following common services are blocked:

  • Network printing (ports 515 and 631)
  • Some Java Tomcat applications (ports 8080 and 8443)
  • Pharos Student Printing and Pharos Popup Client (port 28212)
  • Crashplan installation (auto-detecting license and server information)
  • SAP eLearning ("MIT Learning Center") training portal accessed via Atlas
  • Comcast IP TV pilot (requires 18.x.x.x network address)
  • Unauthentic SMTP (port 25)

The list above is not comprehensive.

Allowed ports

A comprehensive list of allowed ports on the MIT GUEST wireless network can be found below. Ports not listed below will be blocked by the firewall.

access-list OUTSIDE-OUT extended permit tcp any any eq www
access-list OUTSIDE-OUT extended permit tcp any any eq https
access-list OUTSIDE-OUT extended permit tcp any any eq ssh
access-list OUTSIDE-OUT extended permit udp any any eq domain
access-list OUTSIDE-OUT extended permit tcp any any eq 993
access-list OUTSIDE-OUT extended permit udp any any eq isakmp
access-list OUTSIDE-OUT extended permit udp any any eq 4500
access-list OUTSIDE-OUT extended permit tcp any any eq aol
access-list OUTSIDE-OUT extended permit tcp any any eq 5222
access-list OUTSIDE-OUT extended permit tcp any any eq 5223
access-list OUTSIDE-OUT extended permit udp any any eq ntp
access-list OUTSIDE-OUT extended permit tcp any any eq 10000
access-list OUTSIDE-OUT extended permit udp any any eq 1723
access-list OUTSIDE-OUT extended permit tcp any any eq pptp
access-list OUTSIDE-OUT extended permit tcp any any eq 1863
access-list OUTSIDE-OUT extended permit tcp any any eq 5050
access-list OUTSIDE-OUT extended permit tcp any any eq domain
access-list OUTSIDE-OUT extended permit tcp any any eq 444
access-list OUTSIDE-OUT extended permit tcp any any eq imap4
access-list OUTSIDE-OUT extended permit tcp any any eq 465
access-list OUTSIDE-OUT extended permit tcp any any eq 587
access-list OUTSIDE-OUT extended permit tcp any any eq 5000
access-list OUTSIDE-OUT extended permit tcp any any eq 3653
access-list OUTSIDE-OUT extended permit udp any any eq 3653
access-list OUTSIDE-OUT extended permit tcp any any eq 3389
access-list OUTSIDE-OUT extended permit tcp any any eq 5900
access-list OUTSIDE-OUT extended permit tcp any any eq citrix-ica
access-list OUTSIDE-OUT extended permit tcp any any eq ldap
access-list OUTSIDE-OUT extended permit tcp any any eq ldaps
access-list OUTSIDE-OUT extended permit tcp any eq ftp any
access-list OUTSIDE-OUT extended permit tcp any any eq pop3
access-list OUTSIDE-OUT extended permit tcp any any eq 995
access-list OUTSIDE-OUT extended permit tcp any any eq 406
access-list OUTSIDE-OUT extended permit gre any any
access-list OUTSIDE-OUT extended permit esp any any
access-list OUTSIDE-OUT extended permit ah any any
access-list OUTSIDE-OUT extended permit tcp any any eq 88
access-list OUTSIDE-OUT extended permit udp any any eq 88
access-list OUTSIDE-OUT extended permit tcp any any eq 446
access-list OUTSIDE-OUT extended permit tcp any any eq 447

See Also:

The Wireless Networks at MIT
How to connect to the MIT SECURE wireless network
Eduroam Landing Page
The MIT GUEST wireless network
Troubleshooting and reporting problems on the MIT wireless network
List of devices that can or can't connect to MIT SECURE

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

April 03, 2015

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
wireless wireless Delete
c-wireless c-wireless Delete
met met Delete
guest guest Delete
firewall firewall Delete
ports ports Delete
blocked blocked Delete
access access Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki