Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Understanding of Ports tcp/0 and udp/0

Hi.........

On my firewall logs, I am getiing hits counts like tcp/0 and udp/0 from internet as well as my remote location.

but i am not understand that for which purpose the tcp/0 and udp/0 is used.

As per my knowledge 0 is well known port.

if anyone having idea on this pls suggest me.

Thanx.......

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Understanding of Ports tcp/0 and udp/0

Those logs could be part of an authentication like I mentioned, or could be traffic that is flowing through the ASA.

Who is sending the logs, the ASA?

What severity are these logs? Are they just informational or critical?

This could be normal traffic or not, in order to find out, we need to know if that traffic showing on the logs is supposed to go through the ASA in the first place.

A configuration will help.

Federico.

3 REPLIES

Re: Understanding of Ports tcp/0 and udp/0

Hi,

tcp/0 or udp/0 specifies all TCP/UDP traffic

For example, to enable authentication for TCP connections originated from the inside interface to the outside network:
aaa authentication include tcp/0 inside 192.168.1.0 255.255.255.0 209.165.201.0 255.255.255.224 tacacs+

Most likely you will get in the logs this information if you have enabled authentication through the ASA or Firewall.
Can you post the logs to see if there are critical or just informational logs and what exactly do they mean?

Federico.

Community Member

Re: Understanding of Ports tcp/0 and udp/0

Hi Federico,

Thax a lot for your reply......

In my organasation i am using Sonicwall firewall,Pls find the logs for more clarrificaion.I am getting this logs from most of the internet traffic.

But i am wondering about that my traffic size is zero.

And second thing is that also i am getting some other logs tcp/smtp and udp/389 about that i am bit confused.

Pls go through and help me out.

Thanx once again.....

Re: Understanding of Ports tcp/0 and udp/0

Those logs could be part of an authentication like I mentioned, or could be traffic that is flowing through the ASA.

Who is sending the logs, the ASA?

What severity are these logs? Are they just informational or critical?

This could be normal traffic or not, in order to find out, we need to know if that traffic showing on the logs is supposed to go through the ASA in the first place.

A configuration will help.

Federico.

517
Views
0
Helpful
3
Replies
CreatePlease to create content