06-03-2008 12:53 PM - edited 03-03-2019 10:13 PM
I need to open 4 ports on a router.
Ports # 80, 443, 6464, and 7575.
I feel really dumb, but can someone help me out?
It's for an IPsec LAN-2-LAN connection. They can send information, but can't receive, and these ports are closed. They need to be open. HELP!
Dustin
06-03-2008 06:06 PM
Dustin, the access is determined by the ACLs you have configured on the IPsec tunnel. Assuming your L2L VPN is between two routers, see the example link.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml
Rgds
-Jorge
06-03-2008 07:55 PM
So it would actually be on my firewall rather than the internal router?
06-04-2008 04:25 AM
Whichever you are terminating the tunnel at, router or firewall, the ACL on the router or firewall terminating the tunnel will allow the traffic.
06-04-2008 09:21 AM
One thing you can do is run a packet capture on your firewall (see below).
capture -acl: specify source traffic to destination, including -interface to which the traffic is flowing.
Ex.: First create a test ACL to see if the ports are open or blocked from the firewall to dest:
Access List 102 permit
Then run capture -name, and run traffic to see results.
After you run traffic through, go back and type capture _name; this will give you the output. Check to see if there are any resets, denoted by -R in the trace, and if there are, that's your problem. This means that the packets are being reset to src due to a blocked port, primarily on the FW. HTH
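The reset check described in the post above, as an added example that is not part of the original thread: a Python script that reads saved capture output and reports, for each of the four ports from the question, whether the connection attempt was answered, reset, or got no reply. The tcpdump-style line layout, the addresses and the sample capture are constructed assumptions.

```python
import re

# Assumed line layout of the saved capture output (tcpdump style):
#   N: HH:MM:SS.usec SRC.SPORT > DST.DPORT: FLAGS seq-info [ack N] win W
LINE = re.compile(
    r"^\s*\d+:\s+\S+\s+(\d+\.\d+\.\d+\.\d+)\.(\d+)\s+>\s+"
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+):\s+([SFPR.]+)\s*(.*)$"
)

# Constructed sample capture; addresses are documentation ranges.
SAMPLE = """\
   1: 09:21:01.100000 192.0.2.10.40001 > 198.51.100.20.80: S 1000:1000(0) win 8192 <mss 1460>
   2: 09:21:01.101000 198.51.100.20.80 > 192.0.2.10.40001: S 5000:5000(0) ack 1001 win 8192 <mss 1460>
   3: 09:21:02.100000 192.0.2.10.40002 > 198.51.100.20.6464: S 2000:2000(0) win 8192 <mss 1460>
   4: 09:21:02.101000 198.51.100.20.6464 > 192.0.2.10.40002: R 0:0(0) ack 2001 win 0
   5: 09:21:03.100000 192.0.2.10.40003 > 198.51.100.20.7575: S 3000:3000(0) win 8192 <mss 1460>
   6: 09:21:06.100000 192.0.2.10.40003 > 198.51.100.20.7575: S 3000:3000(0) win 8192 <mss 1460>
"""

def classify(capture_text, ports):
    """Return {port: 'open' | 'reset' | 'no reply' | 'not tested'}."""
    state = {p: "not tested" for p in ports}
    for raw in capture_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip headers and anything that is not a packet line
        sport, dport, flags, rest = int(m[2]), int(m[4]), m[5], m[6]
        has_ack = " ack " in f" {rest} "
        if "S" in flags and not has_ack and dport in state:
            # Client SYN toward the service port; retransmits change nothing.
            if state[dport] == "not tested":
                state[dport] = "no reply"
        elif "S" in flags and has_ack and sport in state:
            # SYN-ACK coming back from the service port: the port is reachable.
            state[sport] = "open"
        elif "R" in flags and sport in state and state[sport] != "open":
            # Reset sent back to the source, the "R" the post says to look for.
            state[sport] = "reset"
    return state

if __name__ == "__main__":
    for port, result in classify(SAMPLE, [80, 443, 6464, 7575]).items():
        print(f"tcp/{port}: {result}")
```

A "reset" result matches the case the post describes; "no reply" means only retransmitted SYNs were seen, so the ACLs on the device terminating the tunnel are the next thing to check.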
06-04-2008 12:03 PM
What about ASA 5520, version 8.0?
06-04-2008 04:56 PM
Your best bet is through the ASDM GUI interface.