06-03-2008 12:53 PM - edited 03-03-2019 10:13 PM
I need to open 4 ports on a router.
Ports # 80, 443, 6464, and 7575.
I feel really dumb, but can someone help me out?
It's for an IPSEC, LAN-2-LAN connection. They can send information, but can't receive, and these ports are closed. They need to be open. HELP!
Dustin
06-03-2008 06:06 PM
Dustin, the access is determined by the ACLs you have configured on the IPsec tunnel. Assuming your L2L VPN is between two routers, see the example link.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml
Rgds
-Jorge
06-03-2008 07:55 PM
So it would actually be on my firewall rather than the internal router?
06-04-2008 04:25 AM
Whichever you are terminating the tunnel at, router or firewall, the ACL on the router or firewall terminating the tunnel will allow the traffic.
06-04-2008 09:21 AM
One thing you can do is run a packet capture on your firewall (see below).
capture -acl: specify source traffic to destination, including -interface to which the traffic is flowing.
Ex: First create a test ACL to see if the ports are open or blocked from the firewall to dest
Access List 102 permit
Then run capture -name, and run traffic to see results.
After you run traffic through, go back and type capture _name; this will give you the output. Check to see if there are any resets denoted by -R in the trace, and if there are, that's your problem. This means that the packets are being reset to src due to a blocked port, primarily on the FW. HTH
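The reset check described in the post above, as an added example that is not part of the original thread: a Python sketch that reads capture output text and reports, for each port from the question, whether the handshake was answered, reset, or left without a reply. The sample lines, the addresses and the tcpdump-style line layout are constructed assumptions.

```python
import re
from collections import Counter

# Ports the original poster needs open across the LAN-2-LAN tunnel.
WATCHED_PORTS = {80, 443, 6464, 7575}

# Constructed sample in the tcpdump-style layout assumed for the capture
# output; the addresses are made up and do not come from the thread.
SAMPLE_CAPTURE = """\
   1: 09:21:01.100001 10.1.1.10.40001 > 10.2.2.20.80: S 100:100(0) win 8192 <mss 1380>
   2: 09:21:01.101200 10.2.2.20.80 > 10.1.1.10.40001: S 900:900(0) ack 101 win 8192 <mss 1380>
   3: 09:21:02.200001 10.1.1.10.40002 > 10.2.2.20.6464: S 200:200(0) win 8192 <mss 1380>
   4: 09:21:02.200950 10.2.2.20.6464 > 10.1.1.10.40002: R 0:0(0) ack 201 win 0
   5: 09:21:03.300001 10.1.1.10.40003 > 10.2.2.20.7575: S 300:300(0) win 8192 <mss 1380>
   6: 09:21:06.300001 10.1.1.10.40003 > 10.2.2.20.7575: S 300:300(0) win 8192 <mss 1380>
"""

LINE_RE = re.compile(
    r"^\s*\d+:\s+\S+\s+"                                  # packet index, timestamp
    r"(?:\d+\.){3}\d+\.(?P<sport>\d+)\s+>\s+"             # source address.port
    r"(?:\d+\.){3}\d+\.(?P<dport>\d+):\s+(?P<flags>[SFRPU.]+)\s"
)

def summarize(capture_text, ports=WATCHED_PORTS):
    """Map each watched port to 'reset', 'answered', 'no-reply' or 'no-traffic'."""
    syn, synack, rst = Counter(), Counter(), Counter()
    for line in capture_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip headers and anything that is not a packet line
        sport, dport, flags = int(m["sport"]), int(m["dport"]), m["flags"]
        has_ack = " ack " in line
        if "R" in flags and sport in ports:
            rst[sport] += 1        # reset sent back from the service port
        elif "S" in flags and has_ack and sport in ports:
            synack[sport] += 1     # SYN-ACK: the port answered
        elif "S" in flags and not has_ack and dport in ports:
            syn[dport] += 1        # client SYN toward the port
    def state(p):
        return ("reset" if rst[p] else "answered" if synack[p]
                else "no-reply" if syn[p] else "no-traffic")
    return {p: state(p) for p in sorted(ports)}

if __name__ == "__main__":
    for port, verdict in summarize(SAMPLE_CAPTURE).items():
        print(port, verdict)
```

A `reset` verdict corresponds to the R entries the post says to look for; `no-reply` means SYNs were captured but nothing came back for that port.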
06-04-2008 12:03 PM
What about ASA 5520, version 8.0?
06-04-2008 04:56 PM
Your best bet is through the ASDM GUI interface.