How do I open a port on a router?

I need to open 4 ports on a router.

Ports # 80, 443, 6464, and 7575.

I feel really dumb, but can someone help me out?

It's for an IPSEC, LAN-2-LAN connection. They can send information, but can't receive, and these ports are closed. They need to be open. HELP!

Dustin


JORGE RODRIGUEZ
Level 10

Dustin, the access is determined by the ACLs you have configured on the IPsec tunnel. Assuming your L2L VPN is between two routers, see the example link.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml

Rgds

-Jorge

Jorge Rodriguez

So it would actually be on my firewall rather than the internal router?

Whichever you are terminating the tunnel at, router or firewall, the ACL on the router or firewall terminating the tunnel will allow the traffic.

Jorge Rodriguez

sdoremus33
Level 3

One thing you can do is run a packet capture on your firewall (fw --> dst and reverse). If you are using PIX Ver 5.xx or 6.xx you can run the following command

(See Below)

capture -acl specify source traffic to destination including -interface to which the traffic is flowing.

Ex: First create a test ACL to see if the ports are open or blocked from the firewall to dest

Access List 102 permit x.x.x.x where x.x.x.x = src to y.y.y.y where y.y.y.y is the destination, and test all ports by using an ACL for each port to test

Then run capture -name, and run traffic to see results.

After you run traffic through, go back and type capture _name; this will give you the output. Check to see if there are any resets denoted by -R in the trace, and if there are, that's your problem. This means that the packets are being reset to src due to a blocked port, primarily on the FW. HTH

What about ASA 5520, version 8.0?

Your best bet is through the ASDM GUI interface.
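An added example, not part of the thread: a script for the capture check sdoremus33 describes, which scans capture output for the four ports in the question and reports which ones drew a reset. The tcpdump-style line layout, the addresses and the sample lines are constructed assumptions; adjust the pattern to what your device actually prints.

```python
import re
from collections import defaultdict

PORTS = {80, 443, 6464, 7575}  # the ports named in the question

# Constructed sample lines in the tcpdump-style layout assumed for capture output.
SAMPLE = """\
   1: 10:15:01.100000 10.1.1.10.40001 > 10.2.2.20.80: S 1000:1000(0) win 8192
   2: 10:15:01.101000 10.2.2.20.80 > 10.1.1.10.40001: S 2000:2000(0) ack 1001 win 8192
   3: 10:15:02.200000 10.1.1.10.40002 > 10.2.2.20.443: S 3000:3000(0) win 8192
   4: 10:15:02.201000 10.2.2.20.443 > 10.1.1.10.40002: R 0:0(0) ack 3001 win 0
   5: 10:15:03.300000 10.1.1.10.40003 > 10.2.2.20.6464: S 4000:4000(0) win 8192
   6: 10:15:06.300000 10.1.1.10.40003 > 10.2.2.20.6464: S 4000:4000(0) win 8192
"""

# seq: time src.sport > dst.dport: FLAGS ...
LINE = re.compile(
    r"^\s*\d+:\s+\S+\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+):\s+(?P<flags>[SFPRU.]+)\s"
)

def classify(capture_text, ports=PORTS):
    """Return {port: 'open' | 'reset' | 'no reply' | 'not tested'}."""
    seen = defaultdict(set)
    for line in capture_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip headers and anything that is not a packet line
        sport, dport, flags = int(m["sport"]), int(m["dport"]), m["flags"]
        has_ack = " ack " in line
        if dport in ports and "S" in flags and not has_ack:
            seen[dport].add("syn")      # client opening a connection
        elif sport in ports and "R" in flags:
            seen[sport].add("rst")      # connection refused or torn down
        elif sport in ports and "S" in flags and has_ack:
            seen[sport].add("synack")   # service answered
    result = {}
    for port in sorted(ports):
        events = seen[port]
        if "rst" in events:
            result[port] = "reset"
        elif "synack" in events:
            result[port] = "open"
        elif "syn" in events:
            result[port] = "no reply"   # SYN sent, nothing came back: likely dropped
        else:
            result[port] = "not tested"
    return result
```

A port reported as "reset" matches the symptom described in the reply; "no reply" means SYNs left but nothing returned, which points at a silent drop rather than a reset.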
