to Homepage
You are located in service Firewall
General information
IT Center Help

You are located in service: Firewall

Server registration and firewall administration
Print page

Server registration and firewall administration

guide

On this page, you will learn how to request, delete, and manage firewall registrations.

 

Register servers 

Registration form 

Servers can be registered via the Firewall registration form.

Registration via email 

Alternatively, registered contact person can register servers via e-mail to noc@rwth-aachen.de. In order to facilitate our work, please use the following format:

# Service1

134.130.X.A Name_A.domain.rwth-aachen.de

134.130.X.B Name_B.domain.rwth-aachen.de

134.130.X.C Name_C.domain.rwth-aachen.de

# Service2

134.130.X.C Name_C.domain.rwth-aachen.de

134.130.X.D Name_D.domain.rwth-aachen.de

134.130.X.E Name_E.domain.rwth-aachen.de

  • Please use a tab stop between the IP address and the fully qualified domain name (format: host.domain.rwth-aachen.de) of the computer if possible.
  • Services and their SSL variants are not unlocked simultaneously anymore, please explicitly specify SSL/non-SSL.
  • If you don't know the name of the service, please specify the protocol and port number.
  • If the event that we are managing a packet filter on your router, please leave the note 'Gebäudefilter' (building filter) inside the text.

Key information on server registrations 

We only unlock computers that have an "alive" service so that connectivity- and securitytests (Sources: 134.130.3.0/25, 134.130.5.90) can be performed. To check the used ports enter the following in the Windows command prompt:

 netstat -an

In addition, only the latest software version should be used and in use of encryption a valid certificate needs to be installed.

 

The access to RWTH from the Internet is subject to the proviso that all security updates are installed on the servers and vulnerabilities with a rating of more than CVSS 5.0 are promptly eliminated.  The IT Center can prevent access from the Internet if a vulnerability is not resolved, or if the vulnerability scanner does not have adequate access to the server.

 

As a general rule, we'll configure the firewall based on typical protocol and port numbers of specific network applications / services. In particular, we will consider the "Assigned Internet Protocol Numbers" and "Service Name and Transport Protocol Port Number Registry" of IANA. Exceptions to this will be made in duly justified cases only.

 

Please note that we only unlock computers that are registered in the DNS. Additionally, we only unlock individual hosts for a specific service, no entire networks.

Deregister a server 

Existing servers can be deregistered via e-mail to noc@rwth-aachen.de.

View existing registrations 

Existing registrations are listed in the Firewall-viewer (accessible within RWTH networks by registered contact persons).

 

last changed on 08/11/2025

How did this content help you?

Creative Commons Lizenzvertrag
This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License
Chat