Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1148
Views
0
Helpful
6
Replies

Open Port

adamrdigital
Level 1
Level 1

‎10-01-2008 04:19 AM - edited ‎03-03-2019 11:45 PM

Hi,

I have a Cisco 878 Router and have been asked to open ports 8585 and 8119. I have a web interface that does not show this option and I am new to telnet. Can anybody please give me some information on how to do this.

Many thanks.

Labels:
0 Helpful
6 Replies 6

rush2amol
Level 1
Level 1

‎10-01-2008 04:30 AM

Do you have acl configured on the interfaces of the router ?

0 Helpful

adamrdigital
Level 1
Level 1
In response to rush2amol

‎10-01-2008 06:05 AM

acl - I have looked at the documentation that the Cisco Engineer left with me 2 years ago and it does say that acl is configured. How to get it or view it I am unsure.

0 Helpful

julio.fojon
Level 1
Level 1
In response to adamrdigital

‎10-01-2008 06:19 AM

Hi,

Just do show access-list from the priviliged mode (#) and you willl be able to see all the configured access lists in your router.

I hope it helps, thanks.

0 Helpful

adamrdigital
Level 1
Level 1
In response to julio.fojon

‎10-01-2008 06:40 AM

Hi,

I have done that and also used some code I have found from http://blogs.techrepublic.com.com/networking/?p=326 to open ports 8119 and 8585.

I have attached a screengrab of what I see at the bottom of my list when I type in "show access-list" in telnet. Howeever when I go to http://localhost:8585 I get page not found. I should be able to see a TomCat Page.

Preview file
7 KB
0 Helpful

julio.fojon
Level 1
Level 1
In response to adamrdigital

‎10-01-2008 06:46 AM

Hi,

I can't see very welll your output but I believe that at the begining of the access list you have a deny any any statement. If so, that is why you might still have issues seeing the page.

FYI, when you are going to modify an access list you have to remove it from the interface, then remove it from the configuration and re-enter it making sure that the statements are in the correct order. The deny statement has to go (always) at the end of the list; otherwise, all the traffic will be blocked.

Even if you don't enter the deny statement, there is an implicit statement in there.

Make the proper changes and let me know if it helps. Thanks.

0 Helpful

John Blakley
VIP Alumni
VIP Alumni
In response to julio.fojon

‎10-01-2008 09:04 AM

Yes, you have a deny above your permit statements, and that will block everything. Since you're not using extended access lists, you'll have to remove the acl from the interface, copy and paste the acl into notepad, make your changes, and then paste back into your router. Then you'll reapply, but one thing to note, if you have an acl, and you're not using static nat translations to the device that you're wanting to open access to, then you won't really be doing much. You need to have statics in your nat translations.

To remove acl from interface:

router(config)# int fa4 (or whatever interface your public address is on)

router(config-if)# no ip access-group in

It would be best if you posted your sanitized config.

--John

HTH, John *** Please rate all useful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card