Open
Conversation
Update conf.py for NX download link
lexming
reviewed
Feb 4, 2026
Collaborator
There was a problem hiding this comment.
I suggest to not add a new section called Additional Firewall layer as that is ambiguous and a bit confusing. Instead we can rename the previous section from Connections from Abroad to something like Location Access Restrictions; and then explain what restrictions are in place with a tabbed table per site:
- KU Leuven clusters:
- managed laptops
- unmanaged laptops
- UAntwerp clusters:
- restrictions from abroad based on IP (copy paste existing text in
Connections from Abroad)
- restrictions from abroad based on IP (copy paste existing text in
- UGent clusters:
- restrictions from abroad based on IP (copy paste existing text in
Connections from Abroad)
- restrictions from abroad based on IP (copy paste existing text in
- VUB clusters:
- restrictions from abroad based on IP (copy paste existing text in
Connections from Abroad)
- restrictions from abroad based on IP (copy paste existing text in
| Additional Firewall layer | ||
| ========================= | ||
|
|
||
| Beginning of March 2026 an extra firewall layeter will be introdcued to connect to VSC clusters at KU Leuven: |
Collaborator
There was a problem hiding this comment.
Suggested change
| Beginning of March 2026 an extra firewall layeter will be introdcued to connect to VSC clusters at KU Leuven: | |
| Beginning of March 2026 an extra firewall layer will be introduced to connect to VSC clusters at KU Leuven: |
Comment on lines
+89
to
+95
| There will be a difference between connecting from a managed Ku Leuven laptop and unmanaged laptops. KU Leuven managed laptops will use only the MFA (certificate) for connections both from Belgium and from abroad (without requesting :ref:`additional firewall login <additional_firewall>`). | ||
|
|
||
| On the other (non-KU Leuven managed laptops) there are several possibilities to connect to the Ku Leuven VSC clusters: | ||
|
|
||
| * Certificate only connection is possible from VSC network (other VSC clusters), | ||
|
|
||
| * Certificate and firewall will be nessary for all other cases: connecting from VPN B zone, from other VSC usniversities, from other Belgian IP addresses and from abroad. |
Collaborator
There was a problem hiding this comment.
Maybe it is clear to follow with a list:
Suggested change
| There will be a difference between connecting from a managed Ku Leuven laptop and unmanaged laptops. KU Leuven managed laptops will use only the MFA (certificate) for connections both from Belgium and from abroad (without requesting :ref:`additional firewall login <additional_firewall>`). | |
| On the other (non-KU Leuven managed laptops) there are several possibilities to connect to the Ku Leuven VSC clusters: | |
| * Certificate only connection is possible from VSC network (other VSC clusters), | |
| * Certificate and firewall will be nessary for all other cases: connecting from VPN B zone, from other VSC usniversities, from other Belgian IP addresses and from abroad. | |
| There will be a difference between connecting from a managed KU Leuven laptop and unmanaged laptops. | |
| KU Leuven managed laptops | |
| Use MFA (certificate) for connections both from Belgium and from abroad. No need to request :ref:`additional firewall login <additional_firewall>`. | |
| Non-managed laptops | |
| There are several possibilities to connect to the KU Leuven VSC clusters: | |
| * Certificate only connection is possible from the VSC network (_i.e._ other VSC clusters) | |
| * Certificate and firewall will be necessary for all other cases: connecting from VPN B zone, from other VSC universities, from other Belgian IP addresses and from abroad |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Preparation for new central firewall setup at KU Leuven (not yet to be merged to master until almost applied)