Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA: what are the TCP ports to be permitted for microsoft AD/Exchange/IIS?

Dear all,

I need to configure a access rule in ASA 5550 to permit microsoft AD/Exchange/IIS services, anyone has the idea what TCP/UDP ports to be opened?

Like other firewall they have predifined services object for these MS services, so is there any other way to configure the ASA to permit such services, for instance, use predefined objects if it has...

Thanks

DYBC2125

Everyone's tags (1)
2 REPLIES
Cisco Employee

Re: ASA: what are the TCP ports to be permitted for microsoft AD

Most of this information can be found on microsoft's excellent knowledgebase pages (IF not part of well known services -> check /etc/services on most unix systes)

If in doubt, best to see what ASA is blocking, enable logging to buffer on informational level:

-------

logging time

logging buffer-size 1040000

logging buffere info

-------

Following this you can do:

-------

show logg | i Deny

-------

or

------

show logg | i $IP.ADD.RE.SS

-------

To see what is being denied :]

Re: ASA: what are the TCP ports to be permitted for microsoft AD

336
Views
0
Helpful
2
Replies
CreatePlease to create content