Cisco Firewall :: ASA5555-X - Spare Ports Into Access Ports?

May 14, 2013

Is there a way to associate spare firewall ports with another port that is being used..For gi 0/2 is being used currently for my web dmz. Its ip is there a way for me to associate gi 0/3 with the same layer 2 as gi 0/2 ?
In my webdmz I use 2 ACE 4710 proxys in FT mode. I used a layer 2 switch to connect firewall and proxys together.
I would like to eliminate this switch if possible..and connect both 4710's (layer 2) direct to firewall.If I could make gi0/2 - 4 part of the same vlan, then I would be good to go.

View 2 Replies


Cisco Firewall :: ASA 5505 / Use The Ethernet Ports As Pure Physical Layer 3 Ports

Jun 9, 2013

We have an ASA 5505. 5505 comes with two default vlans 1&2 with each of them marked as inside & outside respectively.My query is , if i do not want to use vlans on 5505 and only want to use the Ethernet ports as pure physical layer 3 ports, is it possible?i.e. i want to assign a layer 3 ip address on eth0/0 and eth0/1 and make them as the inside & outside interfaces rather than vlans. is it possible to do away with vlans in 5505 & will it work otherwise?

View 3 Replies View Related

Cisco :: Changing Link Ports To Access Ports In LMS 4.1?

Feb 2, 2012

One of techs accidentally connected two access ports from different switches together.  Since then, LMS is alerting them as being Link ports down.  I tried to default the config and set them to access ports without any success.  what I should do in LMS to recognize them as access ports? 

View 2 Replies View Related

Cisco Firewall :: Ports To Be Opened Up For Hosted Voice Access On ASA 5515X

Sep 23, 2012

I have a customer who is going to host a VOICE services like providing SIP services to its customers. What specific ports required to be opened up for this on ASA  5515X. I would rate it ASAP.

View 3 Replies View Related

Cisco Switching/Routing :: RV042 - Firewall Blocks Ports Though Access Rule

Dec 10, 2011

I have a Cisco RV042 Wired Router. I've got a static IP and a MS Small Business Server in my Router Network. I have forwarded the essential ports to use the IIS and the Exchange Server of my SBS2011 (HTTPS, HTTP, smtp, rpc). I have also created some access rules for these ports, but I don't have any access on my server services, if the firewall is activated.
Here are my Firewall Access Rules from the RV042 Web Interface:

View 16 Replies View Related

Cisco WAN :: How Many Of 881 Switch Interface Ports Can Be Used As Router Ports

Aug 7, 2011

How many of the 881 switch interface ports can be used as router ports, have used the 877 etc where i can use 2 but need a low cost router that supports 3 for routing. (needs to be physical ports)

View 2 Replies View Related

Cisco Firewall :: ASA 5505 - Unable To Access Certain Ports Over Site To Site VPN

Jan 16, 2013

We have a client that has a Cisco 1801W Firewall that is setup as a site to site VPN terminating to a Cisco ASA 5505. The tunnel is up and established, I can ping from both sides of the tunnel.
The problem is the clients behind the Cisco ASA (192.168.2.x) cannot reach certain ports behind the Router (192.168.1.x). The main thing we're trying to do is browse via UNC path (ex: \ from a 192.168.2.x machine).
I got 3389 working after I changed the - ip nat inside source static tcp 3389 y.y.x.x 3389 route-map DM_RMAP_1 extendable Modified the command to include the public IP instead of interface FastEthernet0
I believe it has something to do with the way NAT and route-maps are setup currently but I'm not familar enough with them to make the changes. I worked with Cisco to ensure the VPN tunnel was fine and it's something security related on the Router.
Here is the configuration (removed a few lines not necessary. y.y.x.x = WAN IP of Router x.x.y.y = WAN IP of ASA).
Building configuration...
Current configuration : 23648 bytes
version 12.4
no service pad


View 1 Replies View Related

Cisco Firewall :: 3389 Static NAT Ports PIX Firewall

Jul 11, 2011

There is a PIX firewall and it has this configured on it.static (inside,outside) tcp interface 3389 3389 netmask 0 0.This line of code works ok for port 3389 but I want all tcp ports to be translated.  Not just 3389. 

View 2 Replies View Related

Cisco Firewall :: Open Ports On Firewall ASA 5510

Apr 18, 2012

We have setup new ip camera system and as per our vendor to access the camera from outside we need to open,TCP ports and in firewall and forward to our camera server.
Let say our public ip address is and our local ip address for the camera is We have cisco asa 5510.

View 2 Replies View Related

Cisco :: Opening Ports On Firewall?

Apr 24, 2012

We have a DVR here at work that has a web interface on port 100. From our internal network we just use http: What is the best way to set that up on cisco 5510 firewall. I have cisco asdm and set a access rule: enabled=checked ; source=any ; destination= ; service= tcp 100 ; action=permit. It shows a couple of hits when I go to [URL]

View 7 Replies View Related

Cisco AAA/Identity/Nac :: Getting ACS 5.x Firewall Ports?

Jun 8, 2011

We will be upgrading from 4.x to 5.x and need to verify if any needed ports will have to be alllowed through the firewalls. Is there a list of required ports somewhere, I have searched but am coming up empty-handed.

View 2 Replies View Related

Security - How To Add Ports To Cooperate Firewall

Sep 27, 2012

I am trying to configure a recently purchased Barracuda Web Filter, After adding the IP address, DNS Server, Default Gateway and the new setings, I am now trying to configure my Corporate Firewall..I do not know what Coporate Firewall the manual is reffering too.

View 1 Replies View Related

Cisco WAN :: Access And Trunks Ports On ASR9K?

Feb 5, 2012

I need to adapt a Cisco Catalyst switch configuration into a new ASR9000 router and I do not know how to configure trunks and access ports on an ASR9K router.
This is the configuration of the catalyst switch I want to replace.
interface GigabitEthernet1/0/1
description Access-Port -> SERVER
switchport access vlan 5
spanning-tree portfast

Am I right? Or do I need to use the command “rewrite ingress tag pop 1 symmetric”on any of the interfaces o subinterfaces? Do I have to configure the command “encapsulation dot1q untagged“ on the GigabitEthernet0/0/0/0.5 subinterface?

View 5 Replies View Related

Cisco :: How To Monitor Access Ports To Server On LMS 4.0

Mar 5, 2012

I would like to monitor access ports to servers in cases:

- When port to server down, alert appears in Fault Monitor panel

- Monitor when bandwidth utilization of access ports exceeds 60%.
I configured Fault Threshold on DFM>System Defined Groups>Access port Settings and Poller settings on the same group but it did not work when I shut a port to server.

View 2 Replies View Related

Cisco Firewall :: Asa 5510 - Sometimes Boots And LED On Ports Comes On

May 9, 2011

Our cisco asa 5510 getting sometimes boot and sometimes not. sometimes LED on port comes back if boot and sometimes not. what are the parameter should be check to rectify problem.

View 3 Replies View Related

Cisco Firewall :: 5505 - Block Everything Except A Few Ports

Apr 15, 2013

We have a client that is running a PC on a internet over satellite. To avoid any unessecery traffic over the satellite link (data traffic is quite expensive), we've suggested to use a 5505, as we had one handy already.
So basically what we wanted was to block everything outgoing and everything ingoing, except for example port 22 (ssh).
But I'm struggling a bit, since this is my first cisco router to be configured.
My interfaces are as follows.
Outside - DHCP
Inside (port 1) -
I'm only running ipv4.
in ASDM I made a static NAT rule for port 22, being forwarded to (the computer)
in Access rules I made under outside (incomming rules) source=any destination=outside service=ssh action=permit
But when I try to add further rules to block everything else, it takes the SSH on port 22 with it. How should I do this the easiest way?
the hardware setup is pretty straight forward.
sat-terminal(with IP running DHCP)   ->  5505 (outside IP=DHCP - inside IP=   ->    computer (IP=

View 24 Replies View Related

Cisco Firewall :: Set Up QoS On ASA5505 For Specific Ports

Mar 18, 2012

I wish to set up a ASA5505 with QoS, and to allow specific port numbers to have priority going through compared to rest of the traffic. Eg ports 21, 80, 443. So for example if im maxing out a torrent, it doesnt impact web traffic etc.The current link its connected to is 100mbit/2.5mbit connection..

View 1 Replies View Related

Cisco Firewall :: Open Ports On ASA 5510

Dec 1, 2011

I just finished implementing a VOIP install and I am trying to setup some softphones and in order to allow the softphones to work I need to open some specific ports for outbound.  I am not a Cisco guy, I am a Windows Administrator that also has to maintain my Cisco infrastructure. 

View 3 Replies View Related

Cisco Firewall :: ASA 8.2 Won't Pass Ports Through Forward NAT

Nov 15, 2011

We're trying to get a remote access setup for someone who needs to have access from offsite. To make things easy we set it up with a virtual machine running Windows 7 and RDP. Because the "other end" isn't our computer and we've had some difficulties with people using the Cisco VPN client successfully, we were just going to set up a machine as a RDP Gateway and forward the port through the firewall (WebVPN might be nice, but the plugins only do RDP through v5.x). I've tried this on 8.4-1 and after reinstalling the latest 8.2, and supposedly the NAT works and there is a firewall rule allowing access from the outside to the RD-GW server on HTTPS, but the ASA is still blocking those packets. I've looked at 4 howtos and followed them, trying from the console and from ADSM (and one trashed the whole setup, probably related to the reinstall of 8.2) - [code]

View 4 Replies View Related

Cisco Firewall :: ASA 5505 - PAT Range Of Ports

May 31, 2011

I've an ASA 5505 as my gateway for my internet at home. I've one public IP, so I use Port Address translatetion for my internal clients.
Now i wanna setup a FTP server, on a internal client. I will use Filezilla FTP server. I'm running the FTP server in passive mode, since the FTP server would be behind my ASA firewall/nat device.
I need 50 ports for the passive mode to be running.
I will use port range 50000-50050. I can easy make a firewall rule (access-list) that permit that port range.
But how do I PAT(NAT) a port-range on the ASA device? I can only figure out how to NAT one port at the time.

View 2 Replies View Related

Cisco Firewall :: ASA 5505 Open Ports For DVR?

May 9, 2013

I have an ASA 5505 with ASA version 7.2(2) and ASDM version 5.2(2) and I am attempting to open ports 88 and 5445 and forward them to the IP address of my DVR.  This is all new for me.  I see several posts for other software version to do this same thing but my version appears to be older?

View 1 Replies View Related

Cisco Firewall :: Forward Both TCP And UDP Ports 3074

Feb 25, 2013

I am trying to forward both TCP and UDP ports 3074 but it looks like I can only have either TCP/3074 or UDP/3074 open one at a time.  When I try to enter the UDP/3074 NAT statement, I get "ERROR: NAT unable to reserve ports". [code]

View 4 Replies View Related

Cisco Firewall :: Forward Some Ports On ASA 5505 8.2?

Nov 7, 2011

I need to forward some ports for remote desktop and remote outlook which I host on an internal server. I have looked all over the web and got close, but no hints on how to do it in the asa 8.2. there is an 8.3 guide, but it is just different enough to not work. I am new to this device and cli.

View 3 Replies View Related

Cisco Firewall :: Opening Ports On 5505?

Jan 2, 2013

I am trying to configure a new 5505 but I am having difficulties opening ports that allow traffic in from the outside. My setup is Comcast Business Modem (w/ single static IP) -> ASA ( -> (dumb) Switch -> NAS ( I am attemping to open port 5001 to the NAS. I am very new to IOS so I have mostly been working in ASDM. Not sure if I am overcomplicating this for myself or what but I am stuck.
My running config is -
ASA Version 8.2(5)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted


View 4 Replies View Related

Cisco Firewall :: Possible To Convert Any Two Ports Of ASA 5520 As L2

Apr 13, 2011

is it possible to convert the any two ports of  asa5520 as L2 ports . If so kindly let me know how that should be done. We are planning to connect our hsrp switches to these switch ports instead of using a separate switch thats why.

View 1 Replies View Related

Disabling Internet Access On Certain Switch Ports But Not Others?

Oct 12, 2011

I have a central cisco SG200 26P switch, with about 20 ports going off to other network switches, and individual computers around the building.I need to keep the LAN functionality of the network, but I need the majority of the computers to not have internet access. But I also need to be able quickly re-enable internet access for a particular computer connected to a particular port if required.

View 3 Replies View Related

Ethernet Ports On Wireless Access Point?

May 9, 2012

If I hook up a wireless router as an access point will both the Ethernet ports and the wireless connection on that router work?

View 2 Replies View Related

Cisco Switches :: SF-300 Deny Access To From One Port To Other 4 Ports

Jul 20, 2011

I have 5 VLANs, I assign VLANs to its ports and make them all Untagged.I created ACLs and a ACE rules for each ACL, and then assigned to the ports.So what i am trying to do is to deny access to from one port to other 4 ports and granted access to any other ports. But it is not working, without last rule "allow any any" it has no access to any ports, with the last rule it grants access to every port even to those I denied.Router in Layer 3 mode, all VLANs have their IP's.
At some moment I was able to work it properly but without using any rules, I just tagged my untagged VLANs to those ports which I wanna get access to. As you can see I want allow ports GE1 - GE4 communicate with 1 to 24 ports but not to each other.

View 5 Replies View Related

Cisco VPN :: 1841 - Ports Allowed In Access List

Oct 14, 2012

Users behind a Cisco 1841 are not able to connect to a network using the Cisco Systems VPN Client. Transport is IP sec over UDP (NAT/PAT). Connection just times out.
Which ports should be allowed in the access list? Or do you have an link to a article for this?

View 5 Replies View Related

Cisco VPN :: ASA 5520 / Remote Access VPN - Allow Based On Ports

Jan 25, 2013

I have Cisco ASA 5520 / ASA Ver: 8.0(4) / ASDM Ver: 6.1(3). I have configured Remote Access VPN and everything seems to be fine. Like i have created Extended ACL and allowed for singe host with particlar port to be allowed.

After login with the Anyconnect client, i am restricted to access the single host configured, but not based on ports. i.e. i do not want user to RDP the server allowed, but only access the application based on the port that is allowed. But somehow it is not working.
how can i allow user to access a server with defined port only and not any other service/port access for the server.

View 4 Replies View Related

Cisco LAN :: 2651xm Restrict Access To Router Ports

Feb 20, 2013

cisco 2651xm router
IOS: c2600-ipbasek9-mz.124-15.T14.bin
I have a 16 port hub (NM-16ESW) installed in this router. Is there a way to lock down this hub so that only whitelisted machines will be allowed to connect to its ports? ie: by mac address or some other type of permission method? How to be able to plug their computer into the hub and join the network unless their device has been ok'd first.

View 12 Replies View Related

Security / Firewalls :: All Ports Blocked Even With DMZ And Firewall Down

Oct 16, 2012

I've been trying to open ports 5800 and 5900 for UltraVNC and checking them with online port checkers, but they are always listed as closed. I've even tried taking town windows firewall, my router firewall (although as soon as I disable and apply, it automatically switches back to enabled again), and also DMZ'ing my router. I wonder if it might have something to do with my new modem, but in the config page for that, the advanced settings are locked out. the modem is an arris TM722G, and the router is a linksys wrt-54G with DDWRT firmware.

I'm running windows 7 x64 and using a static local IP, I want to be able to use DynDNS to connect to UltraVNC.

View 19 Replies View Related

Cisco Firewall :: How To Allow Traffic On Ports 3389 (rdp) And 8007

Apr 18, 2011

I would like to know how can we allow traffic on ports 3389 (rdp) and 8007 which comes from any to but pretend to be a Phones interface [code]

View 9 Replies View Related

Copyrights 2005-15, All rights reserved