Skip to main content
IT Community Partnerships Indiana University

UITS Admin Staff VPN – Change to External Traffic

Posted on by dahathaw

IT Colleagues,

We’d like to bring your attention to the following information from the University Information Security Office (UISO):

Overview
The UITS Admin Staff VPN [1] has changed how it handles traffic to external resources so that outside vendors may restrict network access to an external IP range. Prior to this change, UITS Admin Staff VPN connections to IU resources would use an IP from the IU VPN internal IP address pool, while connections to outside resources leveraged the public IP address provided by your internet service provider (ISP) [2].

Action Required for IP Restricted External Connections
For UITS Admin Staff VPN connections to outside vendors [3] with IP restrictions, the vendor must update their firewall to allow the external IP range. Please note that most vendors do not restrict access by IP address, but if you are unable to connect to an outside vendor while on the UITS Admin Staff VPN, you will need to contact the vendor for assistance.

Action Required for IP Restricted Internal Connections
Owners of internal IU resources that restrict network access to UITS Admin Staff VPN will continue to allow the internal IP range for their data center [4,5] and system’s local firewalls.

Adding Users to the UITS Admin Staff VPN
If your department or team does not already have an Access Control Management (ACM) group [6,7] for the UITS Admin Staff VPN, your IT manager may submit a request to add a group via the UITS Admin Staff VPN Request Form [8].

Support
Please contact uiso@iu.edu with any questions.

Sincerely,

-IT Community Partnerships on behalf of the University Information Security Office (UISO)

[1] https://servicenow.iu.edu/kb?id=kb_article_view&sysparm_article=KB0023005
[2] https://servicenow.iu.edu/kb?id=kb_article_view&sysparm_article=KB0023102
[3] Examples include SaaS, databases, web databases, vendor administration, etc.
[4] https://servicenow.iu.edu/kb?id=kb_article_view&sysparm_article=KB0023192
[5] https://servicenow.iu.edu/kb?id=kb_article_view&sysparm_article=KB0023054
[6] https://gm.acm.iu.edu/
[7] All UITS Admin Staff VPN groups must be created in ACM, synced with Active Directory, flat (no nested groups), and contain only staff.
[8] https://iunetworks-fireform.eas.iu.edu/online/form/authen/vpnadminrole?_gl=1*106mxhr*_ga*NDI2MDgxNjQwLjE3NDY2Mzk0NTk.*_ga_61CH0D2DQW*czE3NTE0NjMwMjUkbzY4JGcxJHQxNzUxNDY0MTgzJGoyMyRsMCRoMA

Skip to toolbar