![[design/2014/cvut-logo-en-white.png]](https://fs.cvut.cz/content/images/design/2014/cvut-logo-en-white.png){kind=logo}
![[design/2014/cvut-logo-en-print.jpg]](https://fs.cvut.cz/content/images/design/2014/cvut-logo-en-print.jpg){kind=logo}
Network connection
- Network connection
- TCP/IP settings
- Protocols and services
- Additional information
- FAQ
Active elements, hubs, switches, routers, AP
Connecting active elements (hubs, switches, routers, AP wifi, etc.) is strictly prohibited without consulting the site (domain) administrators of the faculty Computer Center.
Terminal connector – Network cards with RJ45 connector (wire)
In general, you can use only hardware types that meet the requirements for an Ethernet network. Only registered cards can
be involved. Card registration is performed by the subsite administrator of the department.
To connect the card to active sockets, activate or provide UTP cables, please ask the subsite administrator or Computing
Services Centre site (domain) administrators. A list of each user's registered network cards is available from DUPS.
Terminal equipment – Wifi
The Eduroam network is available for employees and students and is also available at other universities. The network setting is
| SSID | eduroam |
| Connection | key verification: WPA/WPA2, encryption: AES/TKIP |
| Authorization | using radius server (see instructions below) |
| IP space | IPv4: 147.32.184.1-147.32.185.254, addresses are assigned automatically, manual configuration is considered a rule violation |
| Firewall, restriction | port 25 - SMTP, outside faculty SMTP (smtp.fs.cvut.cz) |
| Availability | approx. 45 AP in Dejvice (corridors and lecture halls, limited indoor laboratories), approx. 25 AP at the Charles Square (building A, B, D), approx. 8 AP in Horská (lecture room 136, 12142) |
Radius server settings for connection to Eduroam:
- server - radius.fs.cvut.cz
- certificate - AddTrust External CA Root (chain > USERtrust RSA Certification Authority > TERENA SSL CA 3), if you do not have it installed, use TERENA SSL CA 3 or the whole chain TERENA SSL CA 3
- login name - login@fs.cvut.cz (not email address)
- password - mobility password, not master CTU password.
To automatically set all parameters, please use the CAT installation tool (for various platforms - Windows, MAC OS, Android, Linux ...), or the self-installation package for Windows, or the instructions on eduroam.cz, you can use various instructions in the FAQ to solve problems.
You can find more information about Eduroam at eduroam.cz or eduroam.org, including a list of connected organizations, ie all places where you can join.
VPN - Virtual private network
If you want to use FME computer services at home, you can connect to our network using a virtual network (VPN). Then your PC or laptop will have an address from the CTU space and will not be tied to where you are. You will therefore be able to do FIS, license servers, etc ...
Connection parameters
| server name | https://vpn.fs.cvut.cz |
| server type | SSL VPN Fortinet VPN using a web client or OS services |
| login name | CTU login name (eg bondjame, not e-mail and without @ fs.cvut.cz!) |
| password | CTU master password (not mobility password) |
Detailed VPN settings can be found in the FAQ FS#426
TCP/IP settings
The only possible way to configure TCP/IP is using DHCP. The exception can be approved by the FS domain administrator. Other servers and services that can be set up are:
| SMTP server for sending | smtp.fs.cvut.cz (no authorization required from the internal network, see E-Mail for more information) |
| time servers (NTP) | tick.fsid.cvut.cz (stratum 2) |
Protocols and services
The operated services and network software must not be in conflict with the FME rules and university rules (for example, the operation of commercial websites, etc.) and, of course, the laws of the Czech Republic and good morals. It is also not possible to run the following services:
- DHCP/BOOTP server
- DNS server
- SMTP server
- NAT a VPN server
If you intend to run the service and you are not sure whether it is possible, please consult with Computer Servicing Centre.
Seamless operation of the following services:
- FTP server
- WEB server (we recommend considering hosting on Computing Centre)
- license servers
- Windows sharing (Windows, Samba...)
- remote desktop (RDP)
- database servers (MySQL, PostgreSQL, MSSQL...)
Services and protocols other than TCP/IP can be operated after consultation with the Computing Service Centre.
Additional information
This document is a supplement to the FME rules, CTU rules and provides binding instructions for the installation and configuration of network hardware and software in the FME computer network. This document can be continuously supplemented and modified according to current needs.
Note: Installing network software and hardware or making changes to its configuration is only permitted for subsite administrators or server administrators who are responsible for these installations. For more details, see the Rules for the Operation of Computer Networks FME CTU.