CCI Private Cloud - Managing the Network Firewall of a VM

VMs in CCI Virtualization can be provisioned on the following networks:

    • VLAN 3025
      • This subnet cannot be accessed from machines off-campus
      • This subnet cannot be accessed from machines off-campus (incoming), but can access off-campus resources (outgoing)
      • Incoming: Deny incoming traffic from UWNet (includes eduroam) and ResNet
      • Incoming: Allow other incoming traffic from campus
      • Outgoing: Allow all outgoing traffic
      • Incoming: Deny all incoming traffic except SSH (Linux), RDP (Windows)
      • Outgoing: Allow all outgoing traffic
      • Subnet: 10.128.254.0/24
      • Subnet Mask: 255.255.255.0
      • Gateway: 10.128.254.1
      • Firewall context: fc-539
      • Firewall managed by DoIT
      • Default network firewall ruleset:
      • Default guest OS (software) firewall ruleset:

    • VLAN 95VLAN 96
      • By default, this subnet cannot be accessed from machines off-campus
      • By default, this subnet cannot be accessed from machines off-campus (incoming), but can access off-campus resources (outgoing)
      • Incoming: Deny incoming traffic from UWNet (includes eduroam) and ResNet 
      • Incoming: Allow other incoming traffic from campus
      • Outgoing: Allow all outgoing traffic
      • Incoming: Deny all incoming traffic except SSH (Linux), RDP (Windows)
      • Outgoing: Allow all outgoing traffic
      • Subnet: 128.104.50.0/24
      • Subnet Mask: 255.255.255.0
      • Gateway: 128.104.50.1
      • Firewall context: fc-539
      • Firewall managed by DoIT
      • Default network firewall ruleset:
      • Default guest OS (software) firewall ruleset:

  • VLAN 93
    • By default, this subnet cannot be accessed from machines off-campus
    • Incoming: Deny incoming traffic
    • Outgoing: Allow all outgoing web traffic (destination ports: http: 80/tcp, https: 443/tcp)
    • Outgoing: Deny all outgoing traffic
    • Incoming: Deny all incoming traffic except SSH (Linux), RDP (Windows)
    • Outgoing: Allow all outgoing traffic
    • This subnet's default firewall ruleset does not allow incoming nor outgoing customer access. Customers will need to email cci-virtualization@wisc.edu or contact the DoIT Help Desk to customize the firewall rules for VM provisioned on this subnet.
    • Subnet: 128.104.221.0/25
    • Subnet Mask: 255.255.255.128
    • Gateway: 128.104.221.129
    • Firewall context: fc-582
    • Firewall managed by DoIT
    • Default [restricted] network firewall ruleset:
    • Default guest OS (software) firewall ruleset:

To request a firewall change for a VM.

To report a network issue in the CCI Virtualization environment.


    Incident Reporting & Technical Support

    CCI Private Cloud Incident Reporting

    • Customers should contact the DoIT Help Desk to report an incident or check the outages page for an CCI Private Cloud incident.
    • Formal support is provided for CCI Private Cloud during business hours only. After-hours support is best effort.

    CCI Private Cloud Technical Support

    • Customers should contact the DoIT Help Desk or email cci-virtualization@wisc.edu with support requests.
    • CCI Private Cloud technologists will respond to all support requests by the end of the following business day.

     

    See Also:



    Keywords:cci, cciv, private, cloud, virtualization, manage, network, firewall   Doc ID:52058
    Owner:Drew D.Group:Campus Cloud Infrastructure (CCI) - Private Cloud
    Created:2015-06-08 12:52 CDTUpdated:2023-03-31 08:39 CDT
    Sites:Campus Cloud Infrastructure (CCI) - Private Cloud
    Feedback:  0   0