I need to open ports 9080 and 5280 on my Cisco ASA 5505 firewall and despite doing everything I THINK I needed to do...when I run the utility to check from outside; it is NOT open....I utilize a website called [URL] (very good for these kinds of things) I have added the specific port(s) to my services so that I can CHOOSE them; added an ACE/ACL to; added incoming/outgoing rules to accomodate traffic to those ports....NOTHING.
View 7 Replies
I have a Cisco 800 series ?I need to allow access to our local server from a specific range of external ip addresses.I can open port for all external ip using this command:
ip nat inside source static tcp <localserverip> <port> interface <interface> <port
But this is not secure as is..Do I then restrict and permit access using access-list? Or is there another way altogether?
Do I create an SMTP Network Object and send TCP traffic throught NAT?
Or do I go to the ASDM's Configuration/Firewall, choose Public Servers, and choose Private Interface=inside, Public Interface=outside, set the private/public IPs, and choose SMTP as the service? This seems much simpler, but is it the correct way to do it?
I am using ASDM 6.4(5) and would like to use that versus the CLI.
I am trying to open port 52199 on my ASA 5505 I have gone to firewall, access rules and then add tcpip.Not sure if that is the correct place but cannot get it to work?
View 1 Replies View Relatedwhen I want to let email to come through the ASA5505 from outside to DMZ and Inside network, are the below command lines correct and good enough?
access-list outside_DMZ extended permit tcp outside-network-ip dmz-network-ip eq imap4
access-list outside_DMZ extended permit tcp outside-network-ip dmz-network-ip eq pop3
access-list outside_DMZ extended permit tcp outside-network-ip dmz-network-ip eq smtp
access-list outside_inside extended permit tcp outside-network-ip inside-network-ip eq imap4
access-list outside_inside extended permit tcp outside-network-ip inside-network-ip eq pop3
[code]....
Are there any other TCP ports want to be allowed and other command lines need to be added?
I have a Cisco ASA 5505 with a fairly simple set up. Few VPN tunnels and only 3 open ports for applications. I have entered the following lines static (inside,outside) tcp interface 9002 10.0.3.230 9002 netmask 255.255.255.255 access-list outside_access_in extended permit tcp any interface outside eq 9002.I have done this before with zero issues. The other two ports are open, however, port 9002 will not be visable from the outside. The ASA says it is open, but if I go to a site like canyouseeme, it shows closed. I cannot connect to the application either.
View 3 Replies View RelatedI need to open port 4001 on my router for someone to have access. I need to do this thru GUI. Cisco ASA 5505
View 5 Replies View RelatedI need to configure pop3 port to be open on my ASA 5505. I've created an acl and static route to do this but for some reason, it's not open.
View 1 Replies View RelatedI have only recently noticed a HUGE decrease in my Utorrent speeds, so i thought i would have a gander and lo and behold.apparently the port Utorrent uses wasn't open. Now, i have tried about 10 different port numbers, made sure Utorrent is being accepted by Norton 360 Firewall,followed complicated directions to (i think) foward ports, and also follow directions to open a specific port.Nothing has worked so far, Utorrent still comes back with a port closed error.
View 1 Replies View RelatedI need to open ports 25, 993, 995, 443 and 465 to setup MS-Exchange. I don't have an inhouse IT guy and this seems pretty straight-forward in theory but I can't figure it out I need to open ports 25, 993, 995, 443 and 465 to setup MS-Exchange.
View 5 Replies View RelatedI have an ASA 5505 with ASA version 7.2(2) and ASDM version 5.2(2) and I am attempting to open ports 88 and 5445 and forward them to the IP address of my DVR. This is all new for me. I see several posts for other software version to do this same thing but my version appears to be older?
View 1 Replies View RelatedI'm working on setting up a PBX server in our office, and I'm having trouble getting a port opened for SIP on my ASA 5505.I created static NAT rule for SIP traffic from internal server to the outside IP address.I created access rules on outside interface to forward port 5060 to internal PBX server (192.168.1.8)I also disabled sip packet inspection on the ASA.I'm still receiving a message from the PBX that the firewall is configured incorrectly.
[code]....
How to list ports open on Cisco ASA 5505 appliance? I have tried to see using Cisco ASDM launcher, but no luck.
View 1 Replies View RelatedI just installed a Cisco ASA 5505 in my company's network,however the network became so slow and many websites cannot be opened or it takes toolong to open (yahoo, hotmail etc.) resulting to a request time out sometimes.
Here is my configuration:
ASA Version 8.2(1) !hostname xxxxxxenable password xxxxxx encryptedpasswd xxxxx encryptednames!interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 !interface Vlan2 nameif outside security-level 0 ip address
[Code].....
I am working on a site that has recently added a new subnet and I am unable to ping any of the stations on this new network. I have configured an Exempt NAT rule just the same as the rules allowing access to other networks. I have a feeling the problem is in the Site-to-Site VPN configuration since the new subnet is at the primary location over the VPN.
In the site-to-site configuration I added the new subnet to the list of "Remote Networks" and I still can't communicate with any of the devices on the network. If I go to the main site I have no problems so it appears to be related to the VPN or a configuration in the ASA on that site.
A port scan shows that all the traffic is "filtered" so somewhere either the site ASA or the main ASA is blocking the traffic.
I am having difficulty following the logic of the port-translation. Here is the configuration on a 5505 with 8.3,So I would have thought the outside access-list should reference the 'mapped' port but even with 3398 open I cannot remote desktop to the host. If I open 3389 then I can connect successfully.
View 12 Replies View RelatedSo here is my network.
ASA5505--->Cisco1841--->Cat2960
Code
ASA asa831-k8.bin
Cisco 1841 c1841-adventerprisek9-mz.151-4.M2.bin
Cat 2960 c2960-lanbasek9-mz.122-55.SE1.bin
and here is my dilemma.
I can SSH from the internet to my ASA on default port 22, directly to my public IP. I can SSH from the internet to my Cisco 1841 on port 2001. I can not however, SSH to my Cat 2960. From what i can tell, on the Cat2960 i can't change the default port 22 for SSH to different port, just like i did on the Cisco 1841. I looked to see if I can change the default port for SSH on he ASA, it does not look like this is an option.
The bottom line is that i want to be able to SSH to all three devices from the internet. I only have one public IP. As of now, what i can do is only SSH to the ASA on default port 22 directly to the public IP and Cisco 1841 on port 2001. It appears that changing the default SSH port on Cat 2960 is not an option. It also appears that I can't change the default SSH port on the ASA, if i could, i would and then i should be able to SSH to the Cat 2960 on port 22. No matter what i did on the ASA, it always listens on port 22 for SSH connections.
show asp table socket
TCP 001f549f <<pub IP>>:22 0.0.0.0:* LISTEN
how do i make it listen on different port?
Here is relevent config for SSH for cisco 1841 (port forwarding)
ON ASA
object network ROUTER
host 10.10.1.1
[Code].....
What is open port 49153 used for and how do I close it and any other open port that I don't know they got opened in the first place.
View 1 Replies View Relatedhow do i open port 22 in my router
View 1 Replies View RelatedMy friend is trying to open port 88 and it says this specific message "The specified ports are being used by other configurations".I did a netstat, netstat -a, and another netstat that i forgot and we could find anything on his computer using port 88.His router is a Netgear wndr3400.
View 5 Replies View RelatedI have an IP camera (foscam). It's connected to my wireless router. My router is connected to my motorola cable modem. My isp is Cox.I want to be able to view this camera from outside (ie: when I'm at work) by going to http://(my real ip) : (port). Port that I use is 88. I can't seem to do this.
First I set the port 88 to the camera's config. I can see the camera when I'm at home (going to 192.168.1.106:88). Reading the manual, I need to forward the port 88. So I go to my linksys wireless router 192.168.1.1 and single-port forward 88 UDP TCP (both) to 192.168.1.106.This doesn't solve the problem.I go to Open Port Check Tool and put in port 88 and it says I could not see your service on (my real ip) on port (88)
I have a say 'server', with win xp running on it. I want to open a port on the system so that that computer can be accessed within the network domain. for example when i open an internet explorer browser and type in [URL], i need to be able to connect to the /mls.net/eclispe.aspx present. so for that i have to be able to open a port
View 1 Replies View Relatedi have isp ip address i have opened port 9000,37777, 80 but when i check my port if there opened or not it keeps on say block?
View 1 Replies View RelatedWith the Cisco ASA-5505, is there a more secure port that can be configured for VNC other than 5901? I am new to Firewalls We have a User who has requested that 5901 be opened but I was advised not to do so for security concerns.
View 5 Replies View Relatedi just ran a NMAP scan on the outside interface of a ASA 5520. It seems that the TCP Ports 7070 and 554 are open on all NAT interfaces and the outside interface of the firewall. I tried telnet on port 554 and 7070 and got connected.
View 10 Replies View RelatedI want to setup BB to monitor snmptraps with failure. The BB log shows can't connect to all switch ports 161, and I even can't telnet to XXX_17f 161 for example. My switches are Cisco C3550, C2950, ASA etc.
Mon Nov 7 15:43:03 2011 bbnet Can't connect to server XXX_17f on port 161
Mon Nov 7 15:43:03 2011 bbnet Can't connect to server XXX_9f on port 161
Mon Nov 7 15:43:03 2011 bbnet Can't connect to server XXX on port 161
I have a RV042 Dual Wan. Two internets balanced wow! who would've thought that the headaches were waiting patiently right down the corner.
I was working with a 2wire Gateway that came with my ISP. I was able to open the ports in order to have public access for my students and teachers to upload their work. All I had to do was to allow my server ip address to have access to different ports blocked by the ISP. I used [URL]
I bought the RV042 for various reasons like excellent content blocking, load balancing, quick vpn, among other. But I just can't open the port 80 while having having my two ISP connected with load balancing, not even while having only one modem connected.
I have resolved many issues using the protocol binding. I have tried everthing. I just don't undertand something.
Whenever I connect my server to my old router, "www.canyouseeme.org" tells me that my port 80 is open. Whenever I connect my servet to the RV042-DW, my port appears closed.
So it's not any OS issues.
I've tried:
- To forward the TCP 80~80 port to my server static ip address... but failed
- To enable UPnP function with the same port... but failed
- To configure the port triggering with the same port.. but failed.
- To disable the firewall.. but failed.
- To use transparent bridge in the WAN1 with my 2wire Gateway... but failed
- To set up an account in DNS.ORG already had one, everythings is in green.. but failed.
- To change the configuration in my old 2Wire Gateway router to allow a DMZ zone so all ports are public... but failed.
- To assign RV042 router ip address in my old 2Wire allowing that specific address to allow certain ports to be public... but failed.
I have the Firmware v4.0.4.02 from DEC/11
[URL]
This is problably a stupid question but how do I open a prot on a cisco 1811? I have a cisco 1811 and a computer that has VNC installed on it. I want to be able to access that computer from out side the network using the external ip address and port 5950. People outside the network will be able to open vnc viewer and type in *external ip address*:5950 and it will be directed to the computer with a static internal ip address of 10.11.101.10. What commands do I use to do this?
View 23 Replies View RelatedWe have an ASA5510 that we need to open port 25 to allow mail traffic to our internal Exchange server.We have 2 interfaces defined... one named Internal on eth0/3 ip 10.1.x.x and one named Internet on eth 0/0 ip 96.56.x.x.We followed the instructions in ASDM for allowing access to a public server but confusion over definitions have stopped us.ASDM asks for the internal interface and the internal server IP... no problem there because the internal interface and server have two different IP addresses. The Internal interface is eth 0/3 (10.1.1.1) and the server is 10.1.1.2.
However, when we get to the External interface (eth 0/1) there is only a single IP address 96.56.x.x but the ASDM asks for an Interface IP and the IP people would use to get to the mail server from the outside. Inasmuch as we have only 1 external IP address (which connects to our upstream Cisco router which in turn connects to the ISP modem) we used the same IP for both but the ASDM returns an error indicating they must be different.
Apparently we do not have a clear understanding of what the ASDM is actually asking for. When the ASDM asks for the external interface we assumed it was asking for the named value we gave the interface (which is Internet). The named value "Internet" has an ip associated with it 96.56.x.x. But when the ASDM asks for the ip people on the outside would use to get to the mail server (we created a named value called "mail server" and gave it the same ip address as the external named value. This duplication of ip address causes the ASDM to return the error stating that external Interface to be used and the external ip to be used cannot be the same.Have we made an error when we assumed that when the ASDM asked for the external interface it meant the ip of the external interface or was it asking for the eth number (as in eth 0/0) for the interface?
I just bought and setup a RV110W. I noticed while scanning it from the WAN side that it always has port 443 open, even when remote management and VPN access are disabled. Why is this port still open, and how do I close it? Or is this a bug in the firmware? I am using firmware version 1.1.0.9, which is the most up-to-date for this unit. Having open ports allowing unsolicited contact from the WAN side, especially inadvertant ones, is a major security hole.
View 7 Replies View RelatedI have a static IP address over 100Mbit fiber. I've installed a Mac Mini as a webserver and opened the ports 80, 443 and 5900 and a few others for minor services. Everything works fine: the http server (and https as well) is up and pepole can reach it from wan.Yesterday I tried to setup the FTP service with less success. Into the ACCESS RULES I enabled the FTP service and, as a result the port 21 opened up.
But if I connect via Cyberduck to the server I can navigate through the folders but I can't download anything. So I tryed to open up the port 20 for data transfer with no result. Same issue when I tryed to setup the AFP service to mount remotely server volumes: port 548 opened up but no success with port 549.
i have 3g mobile dvr, put a sim card directly into it and it gets an ip address and you should be able to view it remotely but i cannot connect. i can ping the ip no problem and i checked that the port the dvr uses (9000) was also open on that ip and i used a locator to trace the ip and it pinpoints the ip to my isp's base so why i cannot connect to it
View 2 Replies View Relatedrecently my brother has blocked some ports on our home router because he thinks i play too much video games. ( i actually dont play a lot ! ). He says there are alternative ways to make it work again and challenges me to figure out how to change the ports back to normal but he would not give me the access to the router, meaning i dont know the Login and password for it. Plus I am not allowed to reset the router to factory settings. For about three days I have been looking up ways to change the ports on my router through my computer but nothing has worked so far. I have a gaming tournament coming up and I really need to practice with my team but i cant get access to it.below is my system's information,
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD A6-3400M APU with Radeon(tm) HD Graphics, AMD64 Family 18 Model 1 Stepping 0
Processor Count: 4
RAM: 3560 Mb
Graphics Card: AMD Radeon(TM) HD 6520G, 512 Mb
Hard Drives: C: Total - 468745 MB, Free - 420932 MB;
Motherboard: ASUSTeK Computer Inc., K53Z
Antivirus: None
