Ports on ASA

Unanswered Question
Jun 30th, 2009

Hi Friends,

Is there anyway to check the open ports for hosts on ASa?

If I have opened a port 443 for some ip addresses attaches to PIX. Would it be possible for me to check the access to ports from those ip addresses from ASA directly.

Thanx in Advance!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mvsheik123 Tue, 06/30/2009 - 16:06


you want to find the open ports on the ASA. is that correct..?

If you have configuration for the ASA with you that makes it easy. If not but still want to find the open ports, then run a scan (TCP & UDP)from outside (to find ports opened from outside).



**Rate helpful posts**

Faizan Shaikh Tue, 06/30/2009 - 16:13


Lemme give you an example.

Suppose I have and attached to an ASA.

I have opened port 443 for both of them to an external IP say :

I am logged into ASA and I want to check whether my configuration are correct or not.

Indirectly I want to check the connection from and to via port 443 from ASA.

is that possible?


mvsheik123 Wed, 07/01/2009 - 08:09

Not that Iam aware of. lets see if Gurus in the forum can shed some light.



**Rate helpful Posts**

Giuseppe Larosa Wed, 07/01/2009 - 11:13

Hello Faizan,

if it as on routers you could use

telnet 443 /source intf-name

where intf-name is the interface where 10.10.10.x machines are connected

Hope to help


Faizan Shaikh Wed, 07/01/2009 - 12:41

Hello Friends,

I have thought that I can check connectivity as we do in router by using 'extended ping' command where we can ping from an internal source address.

It seems we need to log into the individual hosts connected to ASA to check for the open ports.

It doesn't seems that ASA can check directly.


I have one more query regarding port configurations.

Where do we require Natting on PIX and ASA with respect to inbound and outbound connections?

Inbound? outbound? both? or none?




This Discussion