We created a page for our HelpDesk to use that uses the API to  
register the device.  The HelpDesk checks the MAC Address prefix  
against the OUI database to verify that it's not someone's router or  
pc.  The web form creates an "allow" filter with a description that  
includes:
     who registered it
     who it's registered to
     what type of device it is
     the date it was registered.

We've looked at eventually moving these devices from "allowed" to a  
specific role, but we wanted to see what other schools' experiences  
were first.

Michael Grinnell
Network Security Administrator
The American University
e-mail: [log in to unmask]

On Sep 8, 2005, at 12:28 PM, WENDY SHIH wrote:

> I am also looking for solution without managing hundreds of  
> ports.   At the
> beginning of semester, we allow game devices to get online without
> registration and just opening those gaming ports.  But now, we found
> managing ports are too labor intensive after seeing all the port  
> requests
> coming in.    Some popular games also use port 80/443, do you just  
> open
> those ports or allow those hosts?
>
>  What is the good solution you have that you and users are both  
> satisfied
> for xbox and ps2?   1. Web page registration  2. walk-in registration
> showing game device at HelpDesk  3.  managing ports /hosts?
>
> Thank you.
>
> Wendy Shih
> Kent State University
>
>
>
>
>
>              "Joyce, Todd N"
>              <[log in to unmask]>
>              Sent by:  
> Perfigo                                           To
>              SecureSmart and              [log in to unmask]
>               
> CleanMachines                                              cc
>              Discussion List
>              <[log in to unmask]                                   
> Subject
>              OHIO.EDU>                    Playstation - Socom Navy  
> Seals
>
>
>              09/05/2005 02:23 PM
>
>
>               Please respond to
>              Perfigo SecureSmart
>               and CleanMachines
>                Discussion List
>              <[log in to unmask]
>                   OHIO.EDU>
>
>
>
>
>
>
>
> It seems that Socom Navy Seals uses UDP port 6000 - 6999.
>
> Anyone know an easy way to open that many up other than 1 by 1
>
> That would be a great feature enhancement if anyone is out there from
> the Cisco Side
>
> Here is what I found online
>
>
> 20. What ports do I need to forward for [insert game title here]?
> SOCOM 1, SOCOM II (2), Twisted Metal Black Online, NFL Gameday:
> Tell the router to allow TCP Ports: 10070 - 10080 and UDP Ports
> 6000-6999 to send data and recieve data.
> Tony Hawk's Pro Skater 4 and Tony Hawk's Underground 2:
> UDP port 5150.
> Frequency and Amplitude:
> TCP Ports 10070 - 10080 and UDP Ports 10070 and you need to allow
> incoming ICMP Echo Reply.
> Madden NFL 2003 and 2004:
> UDP ports 1791, 1792, 9995 and 9996.
> Medal of Honor: Rising Sun:
> TCP 13505, TCP 443, UDP 3658/3659, UDP 6000/6001 (for voice chat).
> Also, if using a router or a firewall, you MAY want to foreward port
> 28500 to address 10.14.248.177
> Final Fantasy XI:
> TCP 25, 80, 110, 443, and 50000 - 65535
> UDP 50000 - 65535
> TCP 1024 - 65535
> Madden NFL 2006 Ports:
> HTTP: 80 (outbound only)
> HTTPS: 443 (outbound only)
> TCP: 13505, 26300-26399 (outbound only)
> UDP: 1795, 1797 (inbound and outbound)
> GoldenEye Rogue Agent Ports:
> Ports 21600-21699 are TCP and are outgoing ports for connecting to the
> Lobby server.
> Port 13505 is TCP and is an outgoing port for connecting to the EA
> Messenger (buddy list) server.
> Ports 3658 & 3659 are UDP and are incoming/outgoing ports for  
> connecting
> to another user to play a game.
> Port 6000 is UDP and is an incoming/outgoing port for connecting to
> another user for headset use during a game.
>
>
>
>
> todd
>
> Todd Joyce
> Network Services
> Radford University - The Smart Choice
> [log in to unmask]
> (540) 831-7777
>
> There is no good way to bring a cupcake to work.
>