Firewalling
eduroam access is typically firewalled and so only a few Internet services might be accessible, fortunately there is an effort, in the UK at least, to have a common set of baseline rules to be used so that users roaming from one location to the next can expect to a degree some aspect of “similar service” availability. A listing of the services permitted that you can expect to be able to use nationally can be found on JANET's 'eduroam' Roaming page although here at SOAS we have chosen to additionally whitelist the following 'egress established' extras too:
- Proxy
- HTTP (web) - 3128/tcp and 8080/tcp
- SOCKS - 1080/tcp
- Version Control
- git - 9418/tcp
- Subversion - 3690/tcp
- CVS - 2401/tcp
- Media Streaming
- Instant Messaging
- XMPP (Jabber, Google Talk, 'LJ Talk', Nokia Ovi Contacts, etc) - 5222/tcp (including legacy 5223/tcp)
- Voice over IP (VoIP)
- SIP - 5060/udp and 5060/tcp
- Authentication
- Kerberos - 88/udp, 749/udp, 750/udp and 464/udp
- Video Conferencing and Collaboration
- JANET Video Conferencing Service - as detailed by JANET and last checked 20110518
- evo.caltech.edu - as detailed by Caltech for their Koala client and last checked 20110518
- Virtual Worlds
- secondlife.com - as detailed by Linden Labs and last checked 20110519
HTTP based web servers may only be accessed if they work over port 80/tcp and HTTPS over only 443/tcp. If however you need to connect to an HTTP service that operates on a TCP port number above 1023 then you need to use the SOAS proxy servers in order to do so. In order of descending preference, you should configure your computer to:
- autodetect proxy settings for the network
- automatic proxy configration URL (WPAD) at http://proxy.soas.ac.uk/
- manually configure for the proxy server at proxy.soas.ac.uk using port 3128
If you need access to other services here at SOAS for work related reasons, then contact us and we will consider additional whitelistings on a case-by-case basis.
