====== Firewall ======
Physics runs a firewall configuration which blocks all incoming connections from both the university and the internet in general.
===== Open ports =====
The following ports are open to the internet on all hosts.
* 22 (ssh) is open to all hosts from everywhere on the internet.
===== Host-by-host =====
Its possible to poke holes in the firewall to specific hosts in some circumstances, though we require a string business-reason to do so without an alternative.
===== SSH Tunneling =====
If you are wanting to connect to a system inside physics from outside, most simple applications can be tunneled over [[:computing:department:software:ssh|ssh]].
For example, VNC (remote desktop) can be tunneled by following this guide: [[http://martybugs.net/smoothwall/puttyvnc.cgi|Tunneling VNC over SSH with PuTTY]]. If you need assistance with configuring SSH to support your application, contact us for help.
==== Examples ====
=== Unix/Linux ===
To make localhost:1234 connect to somehost.physics.umn.edu on port 5510
> ssh -L1234:somehost.physics.umn.edu:5510 myusername@physics.umn.edu
=== Windows ===
The guide [[http://martybugs.net/smoothwall/puttyvnc.cgi|Tunneling VNC over SSH with PuTTY]] gives an example of using PuTTY to forward VNC over SSH.
===== Proxies =====
Some applications do not behave properly when used behind a firewall. In this case a proxy can help. Please refer to the following list of workarounds:
==== FTP Proxy ====
Physics users may have trouble transferring data to some FTP servers, if those ftp servers are also behind a firewall. We provide an ftp proxy server to work around this problem. To use it:
* Use your ftp program to connect to ''ftp-proxy.spa.umn.edu''
* At the Name prompt, enter ''username@hostname'' where ''hostname'' is the remote site you want to connect to, and ''username'' is the username at the remote site.
* At the Password prompt, enter your remote site password.
Example:
$ ftp ftp-proxy.spa.umn.edu
Connected to dunnotar.spa.umn.edu.
220 FTP proxy (v0.13.5) ready
Name (ftp-proxy.spa.umn.edu:root): anonymous@some-ftp.site.edu
Password:
230 Login successful.
ftp>