Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
389
Views
3
Helpful
2
Replies

Port 445 Question

fineospaul
Level 1
Level 1

‎01-13-2008 10:07 AM - edited ‎03-11-2019 04:47 AM

CISCO-PIX-515E:

I am NOT exposing port 445 to the internet (as I have no need or disire to do so and am well aware of the security issues)

- but I have noticed that one of my DMZ hosts (an SSL VPN Server) is trying to pass 445 traffic internally -

so my question is...is it also considered to be bad practice to allow port 445 traffic between a DMZ host and an internal host?

Externally we ONLY allow port 443 to the DMZ Server in question.

Labels:
0 Helpful
2 Replies 2

Not applicable

‎01-18-2008 01:16 PM

I don't think there is any harm in this since systems on DMZ can't access internal hosts directly.

0 Helpful

cisco24x7
Level 6
Level 6
In response to

‎01-18-2008 01:27 PM

This is the case that you have the SSL VPN

Server configured for Windows Domain

authentication. It is trying to use either

port 139 (legacy) or port 445 (new) for

authenticating users with Domain Authentication.

I do the same thing with my VPN concentrator.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card