If you are the owner or operator of an IT service related to U of T, then you may need to decide to allow, or deny, access to your service for users connecting through UTORvpn.

All UTORvpn users are being connected through Carrier Grade NAT. UTORvpn connections will come from the network range:

Specifically, we will block:

  • Nameserver (port 42)
  • DHCP (ports 67-68)
  • TFTP (port 69)
  • Netbios (ports 135, 137-139)
  • SNMP and SNMP trap (ports 161-162)
  • Ports 445, 593, 707, and 4444

If your service requires additional protocols or ports, please contact us with your business justification. Requests will be reviewed in the context of the service’s intended use and the University’s overall security posture. If your use-cases is limited to specific individuals please consider our AdminVPN service.

If you are identifying bad conduct originating from the UTORvpn network range, please contact us.

Statically Assigned IP Addresses

The legacy UTORvpn service allowed users to request a statically assigned IP address through UTORvpn. This is no longer a service being offered. While you can continue to use the OpenVPN based service and your statically assigned address through the migration period you will need to develop a new solution to your use-case. If it is simply to protect Remote Desktop, please consider the Remote Desktop Gateway service. Otherwise, please reach out to us and we will be happy to discuss options to meet your business need.