Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA5525x 9.1x Firewall behaviour?

Hi there

I have a 5525x running          

Cisco Adaptive Security Appliance Software Version 9.1(3)

Device Manager Version 7.1(4)

I have noticed when trying to debug traffic flows that uncommon ports do not appear in the logs, for example I am trying to troubleshoot proxy connectivity from our vpn client to the proxy server via tcp/8080 however when I run a telnent test to the proxy server using port 8080 I see nothing in the ASA logs. When I then try tcp/80 I see this in the logs I also see other common ports such a tcp/443, tcp/993, tcp/21 appear in the logs but when I try using the telnet test on a port like tcp/996 I see nothing in the ASDM logs.

The question is, is there a default security behaviour in 9.1.3 that blocks uncommon ports?

Currently my VPN clients cannot communcate wtih hosts behind internal firewall other than the common ports i.e tcp/80 tc/21 etc

CreatePlease to create content