Cisco Support Community
Community Member

VPN Concentrator Open ports

I am running a port scan (Angry IP Scanner) against the VPN concentrator. Sometimes it shows port 21 as open. I have disabled FTP under "Management Protocols". Sometimes it shows ports 389 and 1002 as open. What's wrong with my VPN concentrator?

I have enabled only IPSEC under Tunneling Protocols.

When I run a port scan, what ports should be listed as open?

Thanks

1 ACCEPTED SOLUTION

Re: VPN Concentrator Open ports

Hello avilt,

VCA stands for Virtual Cluster Agent. This is basically used when the VPN 3000 pair is configured for load balancing. When doing this, the boxes talk to each other on VCA, and we normally need to allow this on the filters.

My question is, have you enabled this filter on the public interface? Are you seeing the ports going through the VPN concentrator, or are you doing a VA scan and seeing these ports (like FTP) open on the VPN concentrator?

Raj

4 REPLIES
Cisco Employee

Re: VPN Concentrator Open ports

Hi,

Can you check the Interface Filter and the corresponding rules applied to it?

You might have a rule defined to allow the mentioned ports.

HTH,

-Kanishka

Community Member

Re: VPN Concentrator Open ports

I have the following filters for the Public interface.

IPSEC-ESP In(forward/in)

IKE(forward/in/out)

ICMP(forward/in/out)

VRRP(forward/in/out)

NAT-T(forward/in/out)

VCA(forward/in/out)

What's this VCA filter used for?

Community Member

Re: VPN Concentrator Open ports

Thank you. Something is wrong on my scanning PC. It shows ports 389 and 1002 as open for every IP address, even for hosts which are not alive.
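
The symptom in the last post (389 and 1002 reported open even for hosts that are not alive) can be checked for systematically by scanning an address known to be unused alongside the real target. This is an added example, not part of the thread; the addresses, the `address port state` line format and the function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data (not from the thread): "address port state" per line.
# 192.0.2.10 stands in for the concentrator; 192.0.2.250/.251 are control
# addresses assumed to be unused, so nothing can really be listening there.
SAMPLE_SCAN = """\
192.0.2.10 21 open
192.0.2.10 389 open
192.0.2.10 1002 open
192.0.2.250 389 open
192.0.2.250 1002 open
192.0.2.251 389 open
192.0.2.251 1002 open
192.0.2.251 80 closed
"""
CONTROLS = {"192.0.2.250", "192.0.2.251"}


def parse_scan(text):
    """Return {address: set of ports reported open}, skipping malformed lines."""
    open_ports = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[1].isdigit():
            continue
        addr, port, state = fields
        open_ports[addr]  # touching the key records the host even with no open ports
        if state.lower() == "open":
            open_ports[addr].add(int(port))
    return dict(open_ports)


def scanner_artifacts(open_ports, controls):
    """Ports reported open on every control address: produced by the scan path."""
    seen = [open_ports.get(c, set()) for c in controls]
    return set.intersection(*seen) if seen else set()


def triage(text, controls):
    """Split each real host's open ports into scanner artifacts and ports to re-test."""
    open_ports = parse_scan(text)
    artifacts = scanner_artifacts(open_ports, controls)
    return {
        addr: {"artifact": sorted(ports & artifacts),
               "retest": sorted(ports - artifacts)}
        for addr, ports in open_ports.items() if addr not in controls
    }
```

Ports left under `retest` are not proven open; they are the ones worth scanning again from a different machine before changing anything on the device.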
