Information Technology Services (ITS) System Administrators will be making an emergency change to the Central Authentication Service (CAS) at 3 p.m. on Thursday, May 14. This change is required to address a network configuration that has the potential to create unplanned service interruptions. System administrators of services that utilize CAS may need to adjust their configurations as a result. (Note: this change DOES NOT affect Blackboard or Shibboleth applications)
ITS is changing local DNS records for login.gmu.edu and devlogin.gmu.edu to ensure synchronization with Amazon Web Services (AWS) network address changes. In order to work with this change, systems that use CAS may need to relax outbound host-based firewalls, removing any rules that restrict CAS sessions to specific network addresses – currently 220.127.116.11 for login.gmu.edu and 18.104.22.168 or 22.214.171.124 for devlogin.gmu.edu.
ITS is making this change to address an authentication service disruption that occurred Monday, May 11 with devlogin.gmu.edu. On Monday, the network addresses associated with devlogin.gmu.edu changed, disrupting authentication for associated services. While ITS was able to restore authentication, this incident presented an urgent need to modify local DNS and host-based firewall configuration to better accommodate AWS network address changes and prevent future service disruptions.
If you have any questions or experience problems with CAS, please contact the ITS Support Center at 703-993-8870 or firstname.lastname@example.org.