Computing and Information Services
Network Group

Firewall Port Restrictions

The firewall is in place to protect the campus network. For this reason, not all requested ports can
be opened. The following is a listing and explanation of port openings through the campus firewall.
Another option to connect to the campus network that does not require exceptions in the
campus firewall is the VPN Service.

Reminder! It is a security violation to put a TCP/IP service on any port other than the one assigned
to the service.

TCP Ports

All incoming TCP ports are blocked by default at the campus firewall. To open a needed port, a
request can be sent to firewall@tamu.edu. Not all requested ports can be opened. The table
below shows which ports can be opened.

Exceptions Allowed               Ports

Never                            *135-139 (Netbios)
                                 *445 (Microsoft Directory Services)
                                 1433-1434 (MS-SQL)
                                 12345 (NetBus Trojan)
                                 7597 (QAZ Trojan)

Usually Not Allowed              *21 (ftp)
(Specific Explanation and        *23 (telnet)
Vulnerability Scan Required)     25 (SMTP)
                                 *110 (pop)
These protocols send passwords   *143 (IMAP)
in plaintext and can be sniffed  161-162 (SNMP)

Open after Vulnerability Scan    Most remaining ports not
                                 mentioned specifically above

* Filesharing over the internet is never a good idea. However, exceptions are approved when no other solution is available.
* Note! All protocols that pass passwords in plain text (telnet, ftp, pop, imap) were
blocked/disallowed beginning September 2005.

When any port is opened through the campus firewall, the system operator is responsible for its integrity. The port will be blocked if the machine is considered a security risk to the campus network.

HTTP Services: Please note that our policy is for services to run on standard ports. For web servers, this means port 80 (for unencrypted access) and port 443 (for SSL-enabled sites). We do allow alternate servers on 8000 or 8080 (unencrypted) and 8443 (encrypted).

Note for ResNet Users: The table above does not apply to machines on the ResNet network
(the dorms). Only port 80 can be opened for machines on ResNet. More information on this
can be found here.

UDP Ports

Most incoming and outgoing UDP ports are open by default through the campus firewall.
The exceptions to this are those known UDP ports targeted by trojans/worms. If you have a
question concerning a UDP port, please send mail to security@net.tamu.edu, or you can check
the open TCP/UDP ports for any hosts you own at https://firewall.tamu.edu.