I have been asked to open some ports in order for a CCTV company to connect to an internal CCTV server on our LAN.
We have a Pix running PIX Version 6.3(5) I am ok configuring an ASA for the above but not a Pix.
I have upgraded an ASA 5505 to 9.0(1) as I would like to use ipv6 version of dhcprelay. That said, I am unable to obtain a global unicast address but the link-local address is able to communication with the ISP's gateway/DHCP provider which I hope will allow v6 dhcprelay provide internal clients with IP's from the ISP. Trouble is, unsolicated inbound ICMPv6 messages from the ISP's gateway are being dropped on the way into outside interface.
%ASA-3-313008: Denied IPv6-ICMP type=129, code=0 from fe80::201:5cff:fe3b:3c41 on interface outside
%ASA-3-313008: Denied IPv6-ICMP type=131, code=0 from fe80::201:5cff:fe3b:3c41 on interface outside
%ASA-3-313008: Denied IPv6-ICMP type=131, code=0 from fe80::201:5cff:fe3b:3c41 on interface outside
[Code]...
We have a DVR here at work that has a web interface on port 100. From our internal network we just use http:192.168.100.40:100. What is the best way to set that up on cisco 5510 firewall. I have cisco asdm and set a access rule: enabled=checked ; source=any ; destination= 192.168.100.40 ; service= tcp 100 ; action=permit. It shows a couple of hits when I go to [URL]
View 7 Replies View RelatedI am trying to configure a new 5505 but I am having difficulties opening ports that allow traffic in from the outside. My setup is Comcast Business Modem (w/ single static IP) -> ASA (10.0.0.1) -> (dumb) Switch -> NAS (10.0.0.10). I am attemping to open port 5001 to the NAS. I am very new to IOS so I have mostly been working in ASDM. Not sure if I am overcomplicating this for myself or what but I am stuck.
My running config is -
ASA Version 8.2(5)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
[Code].....
What I'm trying to do is to get my Xbox connected to the internet through my router (wired connection), but I want to have my NAT open also. But when I put in a static IP into the Xbox manually and open the ports in my router, it makes it so my Xbox can't connect to Xbox Live at all. Although, if I just leave it to the automatic setting on my Xboxs network options, I can connect just fine. But, I end up having a strict NAT type, unless I restore to factory defaults in the networking options on the Xbox.
View 2 Replies View Relatedhow can I open my port 80, 5000, and 22 in my modem.
View 1 Replies View RelatedI need to open some outbound ports in order for our CCTV company to receive alarms from our internal CCTV Machine.
The ip addresses of the company who access the CCTV are as follows:
213.130.134.56
81.130.198.97
The above are fixed IP addresses. The internal machine is on 192.168.204.170
The outbound ports that I need to open are the following:
TCP
21
23
80
5201
UDP
1025
2074
2075
I have access to the current config if needs be.
I need opening up some ports for a sftp client at work. software version 8.0 (3) device manager version 6.1 (1)
View 4 Replies View RelatedI've had this router for a few months after my last one died and I'm now completely unable to port forward. I follow all the steps to port forward but alas the port is still closed every single time. I've tried a few fixes in the past including disabling UPnP, using those auto port forwarding programs, and creating an exception for the port in my fire wall. Nothing has worked!
View 14 Replies View RelatedWe have just acquired a cisco profile 42 video conferencing equipment and am required to open ports for SIP and H232, any pointers on hw that can be acquired i have a cisco ASA 5510, Some one told me to open port 16384 but i need pointers on how to do it becuase I already set an access list to any.
the config
Internet -> ASA 5510 -> Switch -> Profile 42 and other devices
I am trying to open up 3 TCP ports in Cisco ASDM Launcher:
16000
16001
8098
And have a Cisco ASA 5505 Router. I need these ports open in order for a software that I have installed on the server to communicate with my local client computers for my business, The software is installed on Windows 2008 Server Standard Edition and was installed with MicrosoftSQL 2005. The software and Microsft SQL 2005 is pretty much installed and just requires this last step in order for the server to be connected to the local computers. In order to resolve this, I have gone to.
I am used to setting up access-lists on outside interfaces with ip addresses that are static. I have recently been given a site that is using a dyndns.org client for name to ip address resolution on an outside interface that is dhcp assigned. I created an access-list to open up ports 41794 and 41795 to an engineering application but everytime I try to connect from the outside I get a syn timeout. The application works when inside the lan. Basically I want to allow outside connections from anywhere on the outside to go to ports 41794 and 41795. I am running a Cisco ASA 5505 on version 7.2(4) Below is my conifg. what I may have misconfigured?
: Saved:ASA Version 7.2(4)!names!interface Vlan1 nameif inside security-level 100 ip address 172.31.2.1 255.255.255.0!interface Vlan2 nameif outside security-level 0 ip address dhcp setroute!interface Ethernet0/0 switchport access vlan 2!interface
[Code].....
I just purchased a cisco ea4500 I have set up port forwarding for http, https, rdp. however when I run zenmap and port check it fails says port in use. I have set it up in sigle port forwarding, rang and port trigging. I tried RDP and VPN to machine that is hard wired and it fails as well. My windows server is connected as well however RDP fails on there to
View 9 Replies View Relatedallow ports 18082 and 18086 inbound to one of my internal servers. how to create a static nat rule but I dont know how to only allow those two ports. I dont want to open the server to all ports. This is what I am doing via ASDM v6.1:
Configuration-NAT Rule-Add=Add Static NAT Rule
Original
Interface: inside
Source: my internal IP address
Translated
Interface: outside
Use IP Address: my available external IP address
Now under PAT I assume that's where I put the ports, so I place a checkbox on Enable and select TCP. Then I enter 18082 on both the Original and Translated Port boxes. I tried adding 18086 by entering 18082-18086 or with a comma as a separator but it doesnt allow it and spits an error saying that the format is incorrect.
click [OK]
Now is that how I add a single port to forward to my internal server? Do need to create another Static NAT Rule including the second port of 18086
-I need to configure the following on my PIX:
TCP port 2195 - outbound
-TCP port 2196 - inbound
How would I configure this via ASDM?
Any simple way of opening ports on a 1841 router.I have a working config for internet traffic. I am looking to boot up my Windows Server and Run IIS.
View 1 Replies View RelatedI've installed XAMPP on one of my Vista computers, and intend to use it as a server. The internal IP address of the server is A.B.C.D. The internal IP address of the DIR-615 is A.B.C.E. whatsmyip.com says that external address of the server is F.G.H.I (and so is everything else inside my network). I have Filezilla listening on port 21. I've turned Windows Firewall completely off on the server, and my ISP (Time Warner / Road Runner) says that they never block any port.I tried going to the DIR-615 using Port Forwarding, and set ports 21 & 90 to forward to A.B.C.D, for both UDP & TCP, Allow All, Always. That didn't work.I tried going to the DIR-615 using Virtual Server. I set a virtual server on port 21 to A.B.C.D, for both UDP & TCP, Allow All, Always. It made me turn off Port Forwarding, and it wouldn't let me use both 21 & 90 on the same rule, so made two rules. That didn't work either.
I tried setting A.B.C.D as a DMZ host. That still didn't work.I can ftp connect into A.B.C.D from one of the other computers in the network. People outside the network can't connect to F.G.H.I. I can't connect to F.G.H.I. from inside the network. The same is true of Apache (but ports 80, 81 & 443), Ventrilo (but ports 3784 & 6100) and MySQL (but port 3306). I figure that FTP is the easiest to test, so I've been just trying to get that to work.In FileZilla Server Options, I am bound to *, I have no filters, and my passive mode is set to "Retrieve external IP"As far as I can tell, if I've ruled out anything inside my network (by connecting internally), and I've ruled out my ISP (they don't block), then it must be the router. I think I've done port forwarding according to [URL], and it seems like it should be easy, but I've been trying forever and I can never get it to work.
I'm trying to get the silly iTunes Wi-Fi sync to work , and I've been told to ensure that these ports are open:5297 TCP 5298 TCP/UDP and 5353 UDP in the hardware router. How do I do this with the DIR-655 (HW version A3, FW version 1.35NA)?
View 1 Replies View RelatedI have a Belkin F5D8233-4v3 N Wireless Router. To get the wireless Directv connection, directv told me I have to get 2 ports open on my router.1701 and LT2P.
View 1 Replies View RelatedI have a cable modem hooked up to a Linksys WRT54G2 wireless router, which is hardwired to the computer I use.
I go into the router's menu by going through the standard 192.168.1.1 in the browser, and then go to Applications and Gaming. The port I am trying to open is port 25565 for both TCP and UDP. In the Start and End ports I put 25565, and for the end of the IP Address, I put the last digits of my IPv4 address (10). I used a couple of port checker tools, and it is reporting as still being closed.
I saw a reference to release notes for firmware 1.1.0.9 (I think that was the number) for the RV110W but if I browse the firmware download page I only see 1.0.1.6 available for download. Is this available somewhere or am I confused and saw a reference to something else?
I have an installed RV110W at a client site that has to be rebooted about once a week since it stops allowing inbound access to mapped ports. For example, it stops forwarding connections on Port 25 to the client's e-mail server. I thought for a while there was a software issue with the e-mail server but after days of eliminating all other likely issues I rebooted the router and everything was fine. Now the problem recurs about once a week and rebooting the router always fixes it (this is week 3). Forwarding to ports 80, 443, and several others also stop working.
Is the Cisco IOS version specific to the number of ports?IE, would a 24pt 2960 switch use the same IOS version as an 8 pt 2960 switch? Or is there a different IOS for each number of ports?
View 5 Replies View RelatedMcAffee scan of acs 1113 appliance running the 4.2 build 124 patch 12 version reports that a medium vulnerability exists because the system has SSH version 1. Any way to specify only version 2 or turn off SSH?
View 9 Replies View RelatedCan we use ACS 4.1 version recovery disc on 4.2 verison to recover the forgotten password.
View 1 Replies View Relatedwhich version of prime infrastructure supports wlc5508 version 7.4
View 2 Replies View Relatedprovide me with the important links which can show me how to do the software upgrade for my ASA 5520 ver 7.0(1) to ver 8.4 ? as well as the ASDM
View 10 Replies View Relatedi am using Cisco ASA 5510 with ASA Version 8.0(4) and memory 256MB. me to Upgrade it to 8.3
View 6 Replies View RelatedWe are looking to upgrade our WiSMs to version 7.0.230.0, but the Cisco compatibility matrix suggests we need to upgrade WCS to the same version (it is currently on 7.0.172.0). My question is can we upgrade the WiSMs and do the WCS at a later date with no issues or do we need to do them at the same time to keep visibility of everything?
The reason I ask is that some of my clients use lobby ambassador for some of their users and they will need wireless access on the day we are due to upgrade WCS (the WiSMs are due to be upgraded and rebooted earlier that morning.
We have an ASA 5505. 5505 comes with two default vlans 1&2 with each of them marked as inside & outside respectively.My query is , if i do not want to use vlans on 5505 and only want to use the Ethernet ports as pure physical layer 3 ports, is it possible?i.e. i want to assign a layer 3 ip address on eth0/0 and eth0/1 and make them as the inside & outside interfaces rather than vlans. is it possible to do away with vlans in 5505 & will it work otherwise?
View 3 Replies View RelatedI need to receive a 15GB file from a friend, we are using xlight to transfer the file,I dont know much about all this but i am unable to open his ftp server which is(ftp://10.10.xxx .xxx:21).I havent yet installed xlight, i paste this site on my address bar and nothing happens, it gets timed out, i am only facing the problem others are able to access the site........AMD Phenom II 955 Black Edition | 4 gb ddr3 | 1 TB segate | Nvidia 9500GT(O.C)
View 4 Replies View RelatedThere is about 5 devices in my house that uses the same network. Two of them are Xbox's (One uses wireless, other uses wired). I've tried many times to open the NAT for the 2 Xbox's, but have never succeeded.I've read that enabling UPnP, will fix the problem; however I have tried that, and it does not work. If I want to open the NAT for just one Xbox, it will let me - I just port forwarded the required ports for the one Xbox. In my case, this isn't want I want.
View 1 Replies View Relatedi am trying to open a website in UAE [URL] . its opening in india very well but here its not working. it says connecting and after few minutes page displays network error or server busy.
View 4 Replies View RelatedIs there a way to associate spare firewall ports with another port that is being used..For example...int gi 0/2 is being used currently for my web dmz. Its ip is 192.168.10.1..Is there a way for me to associate gi 0/3 with the same layer 2 as gi 0/2 ?
In my webdmz I use 2 ACE 4710 proxys in FT mode. I used a layer 2 switch to connect firewall and proxys together.
I would like to eliminate this switch if possible..and connect both 4710's (layer 2) direct to firewall.If I could make gi0/2 - 4 part of the same vlan, then I would be good to go.
