Community Member

Open Ports

I need to open ports 6464, 7575 and 443 in my Cisco ASA 5505 so that techs in our office can access a hospital's Stentor Isight... Please help with abc steps.

3 REPLIES

Re: Open Ports

If your techs are inside your LAN behind the asa5505 firewall and are trying to connect to an outside server out in another location over the internet, you don't need to open up these ports for outbound connections.

On the other hand, if you are hosting a Stentor server behind asa5505 firewall and want to provide access for outsiders to access the hosting server on ports mentioned in your post this can be done as follows in firewall.

1- Public IP for a one-to-one NAT for the local server so that it can be accessible over the internet.

2- Configure firewall tcp service ports

3- Configure firewall access rules

e.g., assume

1- Public IP is 20.20.20.20, local Stentor IP 10.10.10.10, server sitting inside LAN.

static (inside,outside) 20.20.20.20 10.10.10.10 netmask 255.255.255.255

2- Configure TCP service group

object-group service Stent_server tcp

port-object eq 6464

port-object eq 7575

port-object eq https

3- Configure access list and apply to outside interface

access-list outside_access_in extended permit tcp any host 20.20.20.20 object-group Stent_server

access-group outside_access_in in interface outside

HTH

Rgds

Jorge
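
An added example (not part of the reply above and not a Cisco tool): a small Python check over configuration lines of the kind shown in the reply, reporting ACL entries that reference an undefined object-group, entries that permit from `any` (flagged for review), and ACLs never applied with `access-group`. The function name `audit_asa_config`, the sample text and its misspelled group name are constructed for illustration.

```python
# Constructed sample in the same ASA syntax as the reply above;
# the misspelled group name on the access-list line is deliberate.
SAMPLE_CONFIG = """\
static (inside,outside) 20.20.20.20 10.10.10.10 netmask 255.255.255.255
object-group service Stent_server tcp
 port-object eq 6464
 port-object eq 7575
 port-object eq https
access-list outside_access_in extended permit tcp any host 20.20.20.20 object-group Stent_srv
access-group outside_access_in in interface outside
"""


def audit_asa_config(text):
    """Return (line_no, finding) tuples for common inbound-ACL mistakes."""
    defined, bound, acl_lines, findings = set(), set(), [], []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if not tok:
            continue
        if tok[0] == "object-group" and len(tok) >= 3:
            defined.add(tok[2])           # object-group <type> <NAME> ...
        elif tok[0] == "access-group" and len(tok) >= 2:
            bound.add(tok[1])             # access-group <ACL> in interface ...
        elif tok[0] == "access-list" and len(tok) >= 2:
            acl_lines.append((no, tok))
    for no, tok in acl_lines:
        # Every "object-group NAME" reference must match a definition.
        for i, t in enumerate(tok[:-1]):
            if t == "object-group" and tok[i + 1] not in defined:
                findings.append((no, f"undefined object-group {tok[i + 1]}"))
        # In "permit <proto> <src> ..." the source follows the protocol.
        # (Simplification: a protocol given as an object-group is not handled.)
        if "permit" in tok:
            p = tok.index("permit")
            if len(tok) > p + 2 and tok[p + 2] == "any":
                findings.append((no, "permit from any source"))
        if tok[1] not in bound:
            findings.append((no, f"ACL {tok[1]} not applied with access-group"))
    return findings


if __name__ == "__main__":
    for line_no, finding in audit_asa_config(SAMPLE_CONFIG):
        print(f"line {line_no}: {finding}")
```
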

Community Member

Re: Open Ports

Thank you. This was very informative. However, I wonder why the IT guy at the hospital's radiology department was so definitive about needing to open those outlined ports. I plan to speak with him in the morning. I believe he mentioned something about needing to have both outbound and inbound connections...

Re: Open Ports

Like I said, outbound does not need to be permitted unless you explicitly block outbound traffic in your firewall. Once a source attempts a connection to a destination host outside the fw, the TCP three-way handshake is established and communication between source and destination host flows.

In any case, post your findings/update.

Rgds

Jorge
