Cisco Firewall :: ASA 5510 8.3 - Unable To Open Ports?
Feb 19, 2012
I got a situation here for Nat-ed IPs i configured. I expected to open some ports on the interface to allow certain traffics to pass through, yet there are some of them are failed. Down is my current config.
object-group service DM_INLINE_SERVICE_1
service-object icmp
service-object tcp destination eq https
[Code]....
The only ports opened are 443, www, 3389 while ports domain, 5061,3478,3389. how to open domain, 5061, 3478, and 3389 ports on my ASA .
View 6 Replies
ADVERTISEMENT
Dec 1, 2011
I just finished implementing a VOIP install and I am trying to setup some softphones and in order to allow the softphones to work I need to open some specific ports for outbound. I am not a Cisco guy, I am a Windows Administrator that also has to maintain my Cisco infrastructure.
View 3 Replies
View Related
Apr 18, 2012
We have setup new ip camera system and as per our vendor to access the camera from outside we need to open,TCP ports and in firewall and forward to our camera server.
Let say our public ip address is 207.114.111.22 and our local ip address for the camera is 11.11.1.30. We have cisco asa 5510.
View 2 Replies
View Related
Jan 22, 2013
I'm setting up a second exchange 2010 server at a DR location and have been experiencing some problems. The two sites are connected via a pair of ASA5510's using the point to point VPN. I want to rules out any possible VPN issues that may be blocking ports and wanted to see if there is an easy way to do this and simply allow all traffic without any restrictions between the two ASAs. I've attached the scrubbed configs here...Ewing is the primary site and DBSi is the DR site.
View 2 Replies
View Related
Sep 15, 2011
I can't open up any ports.I've tried using applications such as Simple Port Forwarding, PFPortChecker and manually by opening my router gateway (192.168.1.1).I can open a port, but if I check whether the port is open, it says that the port is closed. I tried opening ports through Windows Firewall and even disabling firewall, still won't work.
View 14 Replies
View Related
Aug 31, 2012
A year or so ago, when Verizon was my ISP, I ran a Minecraft server with a Hamachi VPN. I had looked into forwarding ports at the time, but decided to go the VPN route because I wasn't completely sure how to assign a static IP to a computer on the network. I had absolutely no issues setting up the VPN or hosting a server on the network.Recently I decided to give port forwarding a go again. I successfully assigned the static IP and put the port number into my router's port forwarding settings, but the port was still closed. I tried using online port checker tools and having friends try to log into the Minecraft server. No luck.After reading multiple port forwarding tutorials to make sure I had everything correct and double- and triple-checking all my settings, I began to suspect that something else was causing the problem. I have an older router set up as a repeater on the network so my family can connect to the Wifi network from anywhere in our house. Thinking maybe the repeater or even the main router itself was to blame, I decided to try another router. After disconnecting the current routers and setting up a spare router I had, I tried everything again. Still no luck.
I tried opening different ports unsuccessfully. No port I tried opening would work. I decided to give in and just set up Hamachi again, since that had worked flawlessly before. However, after setting up a Hamachi VPN, I realized people could join the "room," so to speak, but could not connect to the VPN itself. Even hosting a Minecraft server over Hamachi wasn't working this time.Assuming it was just an issue with Hamachi, I tried another VPN software. I got the same error - people could log in, but not connect to the VPN. Thinking back to the port checker telling me port 80 was closed, I pretty well gave up.I've walked one friend through setting up a VPN the exact same way I did, and it worked on the first try. I walked another friend through assigning a static IP and forwarding ports. I don't know what's different about my network that won't allow either of these things. I've searched my router's configuration for any setting that would override port forwarding or block a VPN, but I can't find anything.
View 15 Replies
View Related
Mar 24, 2013
I am running a Linksys Wireless G 2.4 GHz Broadband Router Model WRT54G. I am unable to open any ports. I upgraded to the latest firmware yesterday but still am unable to open any ports. I even turned off my Symantec Internet Security Suite Firewall but still am unable to open any ports.
View 2 Replies
View Related
May 9, 2013
I have an ASA 5505 with ASA version 7.2(2) and ASDM version 5.2(2) and I am attempting to open ports 88 and 5445 and forward them to the IP address of my DVR. This is all new for me. I see several posts for other software version to do this same thing but my version appears to be older?
View 1 Replies
View Related
Jul 10, 2012
what are default ports are open on asa 5520 from outside interface (Zero level Security ) to inside interface (Security level 100)
View 3 Replies
View Related
Nov 27, 2011
I have an ASA 5501 running latest code. Per the article at [URL], I need to open the below ports. I have 5 Xboxes (when people come over) and they all have a static IP. My network is 192.168.0.x and is a /24 network.Xbox LIVE requires the following ports to be open: Port 88 (UDP)Port 3074 (UDP and TCP)Port 53 (UDP and TCP)Port 80 (TCP)port 1863 (UDP and TCP) (Kinnect) I defined the various network ports as a service and then created 5 hosts called xbox1, 2, etc with a static IP. I dont have access from the command line (forgot telnet and ssh passwords) , so from the gui, what do I do next?
View 7 Replies
View Related
May 5, 2013
I'm working on setting up a PBX server in our office, and I'm having trouble getting a port opened for SIP on my ASA 5505.I created static NAT rule for SIP traffic from internal server to the outside IP address.I created access rules on outside interface to forward port 5060 to internal PBX server (192.168.1.8)I also disabled sip packet inspection on the ASA.I'm still receiving a message from the PBX that the firewall is configured incorrectly.
[code]....
View 5 Replies
View Related
May 8, 2011
I need to open the following ports on a pix:
-tcp 3230 to 3235
-udp 3230 to 3253
How do I open the ports?
View 2 Replies
View Related
Aug 23, 2012
I need top open ports 80, 443 and 1882 to a specific external client (IP address).
View 8 Replies
View Related
Oct 12, 2011
How to list ports open on Cisco ASA 5505 appliance? I have tried to see using Cisco ASDM launcher, but no luck.
View 1 Replies
View Related
Feb 5, 2013
-I need to configure the following on my PIX:
TCP port 2195 - outbound
-TCP port 2196 - inbound
How would I configure this via ASDM?
View 3 Replies
View Related
Oct 20, 2012
I would just like to to open UDP port 123 in the ASA 5510 Firewall so that our Primary Domain Controller could use this port to sync time with an external time source. We have already added an access rule for this port under the firewall configuration in ASDM 6.4 and this port was also allowed in the inbound and outbound rule of the PDC's Firewall but it seems that it was still blocked.
View 23 Replies
View Related
May 23, 2012
I have the port numbers but do not know how to proceed from there. Router is a WRT160N V2.
View 9 Replies
View Related
Feb 14, 2012
We have an ASA5510 that we need to open port 25 to allow mail traffic to our internal Exchange server.We have 2 interfaces defined... one named Internal on eth0/3 ip 10.1.x.x and one named Internet on eth 0/0 ip 96.56.x.x.We followed the instructions in ASDM for allowing access to a public server but confusion over definitions have stopped us.ASDM asks for the internal interface and the internal server IP... no problem there because the internal interface and server have two different IP addresses. The Internal interface is eth 0/3 (10.1.1.1) and the server is 10.1.1.2.
However, when we get to the External interface (eth 0/1) there is only a single IP address 96.56.x.x but the ASDM asks for an Interface IP and the IP people would use to get to the mail server from the outside. Inasmuch as we have only 1 external IP address (which connects to our upstream Cisco router which in turn connects to the ISP modem) we used the same IP for both but the ASDM returns an error indicating they must be different.
Apparently we do not have a clear understanding of what the ASDM is actually asking for. When the ASDM asks for the external interface we assumed it was asking for the named value we gave the interface (which is Internet). The named value "Internet" has an ip associated with it 96.56.x.x. But when the ASDM asks for the ip people on the outside would use to get to the mail server (we created a named value called "mail server" and gave it the same ip address as the external named value. This duplication of ip address causes the ASDM to return the error stating that external Interface to be used and the external ip to be used cannot be the same.Have we made an error when we assumed that when the ASDM asked for the external interface it meant the ip of the external interface or was it asking for the eth number (as in eth 0/0) for the interface?
View 33 Replies
View Related
Mar 20, 2011
We are running a Cisco ASA 5510 in our district. We have been using it for about a year and a half after an upgrade from our PIX. I have been using the CLI to manage it but I wanted to start using the ASDM. I installed the ASDM Launcher last Friday but could not access it. I have enable the http server on the ASA, assigned an IP to the interface, and granted my machine's IP inside access. On Friday I was unable to launch the ASDM. I then downgraded Java. I came in this morning and was able to connect through the launcher. However I could not make any changes as it would give me an error message and often popped up with "lost connection" type messages. I then closed the ASDM but could not reconnect after that. When I try to connect through the launcher I receive the message "Unable to launch ASDM from 172.16.5.1: Connection reset". When I try https://172.16.5.1/admin/ from a browser I simply receive "page cannot be displayed". I'm not sure why I can't connect.
[Code] ........
View 31 Replies
View Related
Dec 6, 2012
We have a ASA5510 and I need to open port 22 for a speacific IP in our LAN outbound only.
View 15 Replies
View Related
Aug 10, 2010
Is there a way of ascertaining whether my 5510's have 1 memory slot or 4 memory slots without having to open the chassis?
View 6 Replies
View Related
May 9, 2011
Our cisco asa 5510 getting sometimes boot and sometimes not. sometimes LED on port comes back if boot and sometimes not. what are the parameter should be check to rectify problem.
View 3 Replies
View Related
Sep 20, 2012
Just doing some basic testing before we replace our ancient PIX 515E with a new 5512. I have a mini lab set up following the diagram below, although I am unable to telnet through to the mail server's netcat listener on port 25 TCP. I can ping all the way outbound from 192.168.101.1 to 10.0.0.2, and the 10.0.0.2 machine shows it is translated properly to 200.225.117.1.
NAT and access rules are as follows:
object network mail
host 192.168.101.1
description Mail relay
access-list inbound extended permit ip any host 200.225.117.1
[code]....
EDIT: Somehow the new global access rule is involved. When adding a permit any any in there I can get to the mail server no problem. When I remove it but leave in my permit ip any any on the outside interface, I am denied?
View 3 Replies
View Related
Dec 16, 2012
Trying to get port forwarding going using ASDM 6.4 on a Cisco 5510
I want to forward port 25/Smtp to 192.168.1.10
I have added all the rules as outlined in the link below. [URL]
But when running an open port checker on [URL]
It says the port is closed, I have noticed that under Access Rules under the Hits columns it says 52 ?
View 7 Replies
View Related
May 22, 2012
i have a cisco asa 5510 and would like to add a NAT rule for a range of ports like 50000-59999
View 1 Replies
View Related
Feb 4, 2013
I have inherited an asa 5510 whit 4GE SSM module installed. The asa runs fine, but i can not use the 4GE SSM ports. Using ASDM or console i can get and configure the gigabitethernet1/x ports but i can not get traffic on it. The ping from the console to the ip address of the Gigabitethernet1/0 is successful. On switches or hubs connected to those ports i can not see the port's mac address. The two Internal-data0/0 and Internal-data1/0 are down and i can get they up. How to configure 4GE SSM or ASA internal-data ports.
View 8 Replies
View Related
Aug 10, 2011
enabling traffic between interfaces on the ASA 5510. Of course I have an outside interface E0/0 and an inside interface (E0/1) for normal operation. The idea was to enable one of the remaining interfaces on the 5510 to attach an internal network resource to for management in case we lost our switch. I am using E0/0 as the outside interface and the inside interface is E0/1. I am wanting to attached a management device on the same inside network IP address range for simplicity. I have E0/2 configured for the same security level (100) as the other inside interface and I also have enabled same-security-traffic permit inter-interface as well but I still cannot access the device on that port. Is there something else I am missing? I guess the best way to explain this is that I want ports E0/2 and E0/3 to act like a "switch" so to say...... The ASA 5505 lets you do this pretty easy but having trouble on the 5510.
View 4 Replies
View Related
Nov 7, 2011
We have just acquired a cisco profile 42 video conferencing equipment and am required to open ports for SIP and H232, any pointers on hw that can be acquired i have a cisco ASA 5510, Some one told me to open port 16384 but i need pointers on how to do it becuase I already set an access list to any.
the config
Internet -> ASA 5510 -> Switch -> Profile 42 and other devices
View 5 Replies
View Related
Oct 17, 2012
I have an issue on an ASA 5510 that I have noticed today, when I am using the log viewer all of the information recorded only shows the high end source and destination ports. For example
Source IP 10.10.4.69
Source Port 59886
Destination IP 8.8.8.8
Destination Port 59866
So what seems to be happening is that I am seeing only half of the connection in the log viewer, I see the side with the high end ports and not the side with the ports the application uses, this example was done with a ping. All my services are working correctly and the client sending the ping gets the response expected, it just seems I have lost the logging display?
View 4 Replies
View Related
Feb 26, 2013
I have some problem with the ASA 5510 ver 7.0(6). My manager wants to keep this as backup. tried lots of things but still users not able to access internet nor can i ping anywhere.For example when i ping 4.2.2.2 i dont get any reply.The runing config is below for ur ref :
HQ-ASA-01# show running-config
: Saved
:
[Code]......
View 9 Replies
View Related
Jul 29, 2012
I am unable to see 4th interface on my firewall i.e fastether0/3 on my firewall ASA 5510.
Below is the output.
ciscoasa# sh int ip br Interface IP-Address OK? Method Status Protocol Ethernet0/0 x.x.x.x YES CONFIG up up Ethernet0/1 x.x.x.x YES CONFIG up up Ethernet0/2 unassigned YES unset administratively down down Internal-Control0/0 127.0.1.1 YES unset up up Internal-Data0/0 unassigned YES unset up up Management0/0 192.168.1.1 YES CONFIG up up
View 8 Replies
View Related
Dec 13, 2011
I follow the steps according to the basic settings provided by Cisco Support forum, but still failed to access the internet,
ASA5510# sh run: Saved:ASA Version 8.2(1)!hostname ASA5510domain-name xxx.comenable password passwd names!interface Ethernet0/0 nameif outside security-level 0 ip address x.x.x.x 255.255.255.248 ospf cost 10!interface Ethernet0/1 nameif inside security-level 100 ip address 10.161.9.14 255.255.255.0 ospf cost 10!interface Ethernet0/2 no nameif no security-level no ip address!interface Ethernet0/3 no nameif no security-level no ip address!interface(code)
View 9 Replies
View Related
Aug 23, 2011
I have not worked with ASDM in a while. I have a 5510, with asdm-645.bin in the flash. The device runs version 8.4(2). I can download ASDM from the http interface of the firewall from the management interface. But I can not log in. I have used blank username and password, no username and enable password, blank username with enable password and a few other permutations. I then tried to connect to the asdm interface from inside also. But I can not connect. Needless to say, I have enabled http, and updated the http access-list. The only logging I have enabled is buffered. Is there any configuration that I am missing? Shall I cut and past the config?
View 4 Replies
View Related
