Cisco ASA5510 with Pitney Bowes Limited Functionality

We have a Cisco ASA5510 and I have firewall rules set up to allow all traffic incoming and outgoing from the Pitney Bowes device. I have forwarded the required ports, all except 443, as it is used by the SDM to access the firewall for management. Still, this unit won't connect right and download its software. Pitney Bowes gave a long document about forwarding and allowing every port on the device forwarded to this thing, but it just doesn't seem reasonable to open up all of these ports to one device. Does anyone have any experience setting up an ASA5510 to work with a Pitney Bowes network-based device behind it? This is very frustrating.

2 REPLIES
Hi,

I am not really sure what the problem is, unless it's only the problem with the port TCP/443?

You can always change the ASDM port on the ASA with the command

http server enable <port>

This will let you change the port from the default TCP/443.

Even if you used the SSL VPN you would be able to change that port also.

But I am not sure if your problem was just with the TCP/443 port as I said.

- Jouni

Just to add,

I would imagine that if there are some connections that the device can't form, or some connections that can't be formed to the device from the external network, your ASA logs should tell you what those connections are.

If there are connections incoming from the external network for which you don't have ACL/NAT configurations, you should see this clearly in the logs through ASDM, as the ASA denies these connection attempts and creates a log message.

If there are some connections that the device forms, you might be able to check the logs to see if any of those connections time out, which would indicate a problem somewhere outside of your network. Or perhaps the connections get blocked on your internal interface's ACL.

- Jouni
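
The log check suggested in the reply above can be scripted to find the specific ports the device needs instead of opening every port from the vendor document. This is an added example, not part of the original thread: it tallies ACL denies (syslog 106023) and SYN timeouts (syslog 302014) involving one host. The device address, ACL names and log lines are constructed for illustration.

```python
import re
from collections import Counter

DEVICE_IP = "192.168.10.50"  # assumed address of the Pitney Bowes device

# Constructed sample lines in the ASA syslog format (106023 = ACL deny,
# 302014 = TCP teardown); addresses, ports and ACL names are made up.
SAMPLE_LOG = """\
%ASA-4-106023: Deny tcp src outside:203.0.113.20/51512 dst inside:192.168.10.50/8080 by access-group "outside_access_in" [0x0, 0x0]
%ASA-4-106023: Deny tcp src outside:203.0.113.20/51513 dst inside:192.168.10.50/8080 by access-group "outside_access_in" [0x0, 0x0]
%ASA-4-106023: Deny udp src inside:192.168.10.50/40001 dst outside:198.51.100.7/53 by access-group "inside_access_in" [0x0, 0x0]
%ASA-6-302014: Teardown TCP connection 9912 for outside:198.51.100.9/443 to inside:192.168.10.50/49822 duration 0:00:30 bytes 0 SYN Timeout
%ASA-6-302014: Teardown TCP connection 9913 for outside:198.51.100.9/80 to inside:192.168.10.50/49823 duration 0:00:04 bytes 5120 TCP FINs
%ASA-4-106023: Deny tcp src outside:203.0.113.99/4444 dst inside:192.168.10.77/22 by access-group "outside_access_in" [0x0, 0x0]
"""

DENY = re.compile(
    r'%ASA-4-106023: Deny (\w+) src (\S+?):([\d.]+)/(\d+) '
    r'dst (\S+?):([\d.]+)/(\d+) by access-group "([^"]+)"')
TEARDOWN = re.compile(
    r'%ASA-6-302014: Teardown TCP connection \d+ for (\S+?):([\d.]+)/(\d+) '
    r'to (\S+?):([\d.]+)/(\d+) duration \S+ bytes \d+ (.*)')

def summarize(log_text, device_ip=DEVICE_IP):
    """Return (denied, timeouts) counters for traffic involving device_ip."""
    denied, timeouts = Counter(), Counter()
    for line in log_text.splitlines():
        m = DENY.search(line)
        if m:
            proto, _, src, _, _, dst, dport, acl = m.groups()
            if device_ip in (src, dst):
                direction = "to-device" if dst == device_ip else "from-device"
                denied[(direction, proto, int(dport), acl)] += 1
            continue
        m = TEARDOWN.search(line)
        if m and "SYN Timeout" in m.group(7):  # handshake never completed
            _, a_ip, a_port, _, b_ip, b_port, _ = m.groups()
            if device_ip == b_ip:
                timeouts[(a_ip, int(a_port))] += 1   # key is the peer endpoint
            elif device_ip == a_ip:
                timeouts[(b_ip, int(b_port))] += 1
    return denied, timeouts

if __name__ == "__main__":
    denied, timeouts = summarize(SAMPLE_LOG)
    for key, n in denied.most_common():
        print("denied", key, n)
    for key, n in timeouts.most_common():
        print("no reply from", key, n)
```

Teardown messages are logged at severity 6 (informational), so the ASA logging level has to include that severity for the timeout entries to appear.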
