Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

No BBSM access from internal networks

I have been trying to get someway to access the BBSM from internal networks.

We have a dual vlan config with a management and a guest network. I can manage it fine from the webGUI in the management vlan

We have two problems here

1) Basic access from the management VLAN for TS or RDP and file access so we can modify the look of the pages. we don't want to open it up to the outside, and certainly don't want to have to go to the server and copy files with a floppy.

2) Access to the web GUI for access code generation from outside the management network. Since we will be using the receptionists in various buildings to give out access codes to vendors or visitors they will be on seperate subnets from the management vlan.

I had a case opened and not much help resolving this. Apparently there is some command line stuff using openport, and there is a portfilters.bat file that can be modified. Has anyone tried these??

Thanks!

2 REPLIES
Super Bronze

Re: No BBSM access from internal networks

Hmm.. I've had this problem... It turned out that RDP was enabled to the OUTSIDE interface of the box by default... which seemed odd.

Fortunately for us we had deployed in a way that allowed us to control access to the outside, and it actually worked out OK as corporate LAN people could then access the pages on the box for management, but no access was enabled from the 'guest' side...

Regards

Aaron

Please rate helpful posts...

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
New Member

Re: No BBSM access from internal networks

I have fixed this by using the ipsec command to open ports up. Also needed a route on the server to get back to our internal network.

ipsecpol -x -w REG -p "BBSM_Security" -r "InternalAllowRDP-in" -n PASS -f 10.x.x.x:3389+*::TCP

ipsecpol -x -w REG -p "BBSM_Security" -r "InternalAllowRDP-out" -n PASS -f 10.x.x.x:=*:3389:TCP

I needed to open up netbios so we could upload files and 9488 to all internals so the receptionists in other subnets could access it. One of the guys in the group is cutomizing the web interface, and is creating a very basic interface for the receptionist to use using SQL and some asp pages.

105
Views
0
Helpful
2
Replies