Cisco Switching/Routing :: ASA 5505 Port Is Coded Open / But Says Closed
Feb 19, 2013
I have a Cisco ASA 5505 with a fairly simple setup: a few VPN tunnels and only 3 open ports for applications. I have entered the following lines:
static (inside,outside) tcp interface 9002 10.0.3.230 9002 netmask 255.255.255.255
access-list outside_access_in extended permit tcp any interface outside eq 9002
I have done this before with zero issues. The other two ports are open; however, port 9002 will not be visible from the outside. The ASA says it is open, but if I go to a site like canyouseeme, it shows closed. I cannot connect to the application either.
Can open (url) on work computer but not at home. A message came up at home that it would be closed for maintenance; that was last week and has since finished, as I can open the site at work but not at home.
I have several SGE2000 in production and every night I save the current configuration to a TFTP server... from time to time I get the following error: [code] Can't open TFTP client. At this time, the only way to be able to save the config again is rebooting the switch, but this is not a solution I am comfort.
I need to open ports 9080 and 5280 on my Cisco ASA 5505 firewall and despite doing everything I THINK I needed to do... when I run the utility to check from outside, it is NOT open... I utilize a website called [URL] (very good for these kinds of things). I have added the specific port(s) to my services so that I can CHOOSE them; added an ACE/ACL too; added incoming/outgoing rules to accommodate traffic to those ports... NOTHING.
Do I create an SMTP Network Object and send TCP traffic through NAT?
Or do I go to the ASDM's Configuration/Firewall, choose Public Servers, and choose Private Interface=inside, Public Interface=outside, set the private/public IPs, and choose SMTP as the service? This seems much simpler, but is it the correct way to do it?
I am using ASDM 6.4(5) and would like to use that versus the CLI.
Networking is not my gig, but it has to be at this very moment. We have an ASA 5505. Let me explain what's going on.
On Tuesday I wanted to be able to use the ASDM since there is less room for error. But we only had a console set up. So I ran the following commands...
in ($config)
http (of course didn't do anything, incomplete command)
http 192.168.1.2 255.255.255.255 (didn't do anything, incomplete command)
http 192.168.200.254 255.255.255.255 inside
Everything started working after that. Everything worked fine all of Wednesday and Thursday. Then this morning it stopped processing again. When I traceroute it gets to the machine that is hooked up to the console and stops. So I'm guessing it's actually getting to the ASA router and being swallowed up again...
I have 2 VLANs with separate networks and want to create a route between one server in VLAN 465 to another server in VLAN 436 via port 80. VLAN 465 has an ASA 5505 inside that IP address 220.127.116.11 will be initiating the connection to address 10.200.1.213.
- VLAN 465: server address 10.200.1.213
- VLAN 436: server address 18.104.22.168
However for extended security I would like to restrict the firewall opening to an IP to IP opening.
I have two servers: serverA and serverB. On serverA there is an ssh session open to router1 from source TCP port 41760 (from the ephemeral port range). Is it somehow possible to detect from serverB whether there is a process associated with TCP port 41760 on serverA? I mean, if I check with nmap, I receive a packet with the RST flag on, but I'll receive similar packets for closed ports as well. Is it possible to distinguish whether a RST packet is from a closed port or from a port which has a session established with another host?
I have followed all instructions to forward port 22 on my Netgear router WNDR 3400v2. It says it forwarded, but according to port tracker it's closed. I am having this with two different locations. All IP addresses are correct and the router can ping them. It just won't open. Using an SSH program for port 22 access.
I have a Netgear wnr2000v3 router connected to my Motorola Surfboard Gateway. I have a freePBX server (virtual, running off of VMware Workstation 8) that needs ports 10001-20000 and 5060 forwarded to the server at 192.168.1.110.
I added the port forwarding as in this photo:
When I use a port tester it still says "Port 5060 is closed". I have also turned off Windows Firewall. What else could be blocking these ports?
I have a 54G wireless home router... I successfully port forwarded an application from a CPU (server)... but after no connection is made from the user to the server, it suddenly closes the application... so what I did is reboot the router in order to refresh the connection... Are there any other ways to fix this sudden closing of the ports?
I'm trying to set up my CCTV so I can watch it from my iPhone outside my network, and it says to open ports 80, 9000 and 15961. I've successfully opened ports 80 and 9000 but can't seem to get 15961 to open. I have an AT&T 2Wire.
Unfortunately we are stuck with a BT homehub 2.0. We all hate this thing with a passion. We can't work out how to open the same port on 2 devices. When we try, it says there's a conflict and just refuses to let us do it. So only one of us can play the game we want without it timing out. Now I've tried the BT forums; there was no support there. I phoned up BT and, to my absolute disgust, nobody there knew how to use the homehub, or simply said 'turn off the firewall'.
I want to open a port forward to uTorrent in a router but I can't open the address of the router. Look: when I go to Local Area Connection Status / Status / Details, I found a number of IPs but there is no gateway. I took all the IPs and put them in the browser and they don't open. But last Friday I woke up at 3am, ran cmd and put ipconfig, and I found the gateway 192.168.2.45. I put it in the browser and it opened and wanted a username and pass. I know them, but I said let's do it next day and went to bed. Next day the gateway reverted to the stupid gateway in the pic. I can't use a program to open the port as I can't know my router mode.
I have only recently noticed a HUGE decrease in my uTorrent speeds, so I thought I would have a gander and, lo and behold, apparently the port uTorrent uses wasn't open. Now, I have tried about 10 different port numbers, made sure uTorrent is being accepted by Norton 360 Firewall, followed complicated directions to (I think) forward ports, and also followed directions to open a specific port. Nothing has worked so far; uTorrent still comes back with a port closed error.
I have a number of 3560CG-8PC-S switches. My intention for them is to act as kind of gateway L3 switches - one for each satellite site. My thinking was simply to have an L3 device at the gateway to each of those sites so that any inter-vlan traffic within each site can stay within the site rather than having to traverse the relatively slow radio links to get back to the 3750X stack in the core. They are also, however, going to be directly serving client devices
My issue is that for some reason, when connecting a new device (laptop etc) to one of the access ports on the 3560's, the port behaves as if it's being blocked. No DHCP addresses go through, the indicator remains orange, and the clients have no connectivity. However, if I wipe the config, I get a VLAN 1 IP address for my client no problems at all. And to make matters more confusing, only two out of my four 3560's are doing this. The other two have exactly the same config, but work perfectly. To that end, I'm loading the config below. I've followed that by the show running-config output, and show ip interface brief outputs.
I've got this syslog alarm from nexus 7018. I am wondering what the slot 19 is here.
2013 Jan 15 23:59:22 r1 %PLATFORM-3-EJECTOR_STAT_CHANGED: Ejectors' status in slot 19 has changed, Top Ejector is OPEN, Bottom Ejector is CLOSE
2013 Jan 15 23:59:24 r2 %PLATFORM-3-EJECTOR_STAT_CHANGED: Ejectors' status in slot 19 has changed, Top Ejector is CLOSE, Bottom Ejector is CLOSE
On the supervisor card of a Cisco 6500 series, according to the following link, [URL], it only has 2 uplink ports on the card. Would I be correct in assuming that I only have those two ports that I can configure IP addresses on?
The Cisco that is being delivered is coming with a 48 port switch and 24 port fibre switch. Could I change any of those ports into a router port and configure IP addresses on those?
The supervisor card is a ws-sup-720-3b, the 48 port switch is a ws-x6748-ge-tx, and the 24 port fibre switch is a ws-x6724-sfp.
I'm trying to enable port security on several 4507R's. When I try to configure a range of ports the switch will randomly put 1 or 2 in err-disable. It's different every time I apply the config to the same group of ports. However if I do them one at a time it seems to work. But I really don't want to configure 6 fully populated switches one port at a time. We also have a lot of 3750's and they gave me no problem using a port range. [code]
We just installed a hosted VOIP system using Cisco 7900 series IP phones. We are having a strange issue with a few computers where they pull DHCP information from our VOIP provider's DHCP server on the Internet and not our LAN DHCP server.
The switchports are configured as: switchport mode access
My rationale behind this is that the phones would use CDP to get their VLAN info from the provider's Cisco router and the PCs would just ride on the default VLAN. But this is not the case. Computers randomly keep getting DHCP info from the provider's router. Do I have to use voice vlan x and make the switchports trunks?
I have a 3750g connected to a "core" switch stack of 7 other 3750g's via 2 GigE ports in a trunk. This is currently in a switchport mode access port-channel so only the default VLAN data is sent over. Now we have a need, due to the physical location of these switches, to allow vlan20 (DMZ) from this 3750g to the switch stack. I will configure a few ports on the switch stack for vlan20 and they need to be able to talk to the standalone 3750g. To do this I will change the port channel on both endpoints to
-switchport trunk encapsulation dot1q
-switchport mode dynamic desirable
also making the appropriate change on the interfaces belonging to this trunk. My question is, now that it's a trunk port that carries multiple VLANs, how much is the bandwidth reduced on that 2gbps link? I have a very active VLAN (10) on the standalone switch, but on the core I'm not going to be assigning VLAN 10 to any ports. So does traffic from VLAN 10 even come across the trunk (wasting bandwidth) if no ports on the core side are assigned to it? I really just need vlan 1 and 20 (for now).
Is it possible to shut down a specific port on my 3750x and monitor this port at the same time? For example, I'm dealing with a MAC-authenticated network using port security. I want to shut down all the ports that are not used at the moment; however, if someone gets connected to one of the shut-down ports, I want to know the MAC address of the user, or at least to know that I have someone who has just plugged in to one of the shut-down ports.
I'm fairly new to Cisco products and am in the process of developing my network knowledge on a deeper level. I have a 3825 with a HWIC-4ESW and I'm struggling to fully understand how the two "see" each other. I've set up a VLAN with a layer 3 address on the HWIC and added the switch ports to it. This seemed to allow devices connected to the switch ports to talk to the built-in router ports. I thought this was all making sense until I applied an access-list to the router port. It's a simple ACL I'm just using for testing and the only thing it does is block telnet from anywhere. I know the ACL is set up properly because if I connect a device directly to the router port I cannot telnet to the port. However, if I connect a device to one of the switch ports, I am able to telnet to the router port successfully.
It seems that I'm missing something with how traffic flows from the switch port to the router ports and how the two "see" each other.
I was looking for a way to connect an AUX port from a 1700 router to a 6500 switch module console port, to see the output of the switch on the 1700 router, so that in case there is network downtime I could see what's going on in the switch. What cable should I use? Also, is there any kind of documentation for this type of config? What I have seen is very little info.