Disable TCP port 5060 and port 1720

alanchia2000
Level 1

Our company owns a Cisco 2821 router. Doing an nmap scan on the router shows 2 open ports, TCP port 5060 and 1720. Can I stop the services listening on those ports? Any advice is appreciated.

Thank you.

3 Replies

Brandon Buffin
VIP Alumni

Port 1720 is used for gatekeeper communication using the RAS protocol. Port 5060 is used by SIP. Sounds like you're running voice on your network. If so, these ports could be open for a reason. You may want to investigate the reason before closing the ports. Are the ports open to/from specific hosts? Feel free to post your config if you need further help.

Hope this helps. If so, please rate the post.

Brandon

Port 1720 (tcp) has little to do with gatekeepers and definitely is NOT for RAS communication.

Port 1720 is for direct Q.931 call signalling.

Stopping the voice ports could be done by this:

conf t

voice service voip

shutdown

Robert Salazar
Cisco Employee

You can disable the router listening on port 5060 by issuing this command:

router(config)#sip-ua

router(config-sip-ua)#no transport tcp

router(config-sip-ua)#no transport udp

For port 1720, you must configure an Access Control List (ACL), as shown:

Router(config)#access-list 107 deny tcp any any eq 1720

Router(config)#access-list 107 permit ip any any

Router(config)#interface e0

Router(config-if)#ip access-group 107 in

The reason the router listens on port 1720 is likely that you are using an IP PLUS feature set Cisco IOS image.

IP PLUS supports VoIP. It always has a default VoIP dial-peer (dial-peer 0). This listens on port 1720 for H.323 signaling. This behavior cannot be changed since the H.323 stack always runs with this feature set. If you do not want to use an ACL to control this behavior, you can use a feature set that does not support VoIP, such as an IP feature set.

To disable SIP, you need to upgrade to 12.3(8)T or later.

HTH,

Rob
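
A way to check a saved configuration against the steps in this thread, added here as an example and not part of any poster's reply: it reports whether the sip-ua transports are disabled, whether an ACL denying TCP 1720 is applied inbound, and whether that ACL would also cut off all other traffic. The function names and the sample config, including its interface name, are constructed for illustration.

```python
import re

# Constructed sample: the thread's commands as they would be entered.
# The interface name is an assumption; the permit entry keeps the implicit
# deny at the end of the ACL from dropping everything else.
SAMPLE = """\
access-list 107 deny tcp any any eq 1720
access-list 107 permit ip any any
interface GigabitEthernet0/0
 ip access-group 107 in
sip-ua
 no transport tcp
 no transport udp
"""
# Constructed failure case: the same config with only the deny entry.
DENY_ONLY = SAMPLE.replace("access-list 107 permit ip any any\n", "")

def parse(config):
    """Return ACL entries by number, ACL numbers applied inbound, sip-ua lines."""
    acls, inbound, sip, section = {}, set(), [], ""
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if not raw[0].isspace():            # top-level line starts a new section
            section = line
            m = re.fullmatch(r"access-list (\d+) (.+)", line)
            if m:
                acls.setdefault(m.group(1), []).append(m.group(2))
        elif section.startswith("interface "):
            m = re.fullmatch(r"ip access-group (\d+) in", line)
            if m:
                inbound.add(m.group(1))
        elif section == "sip-ua":
            sip.append(line)
    return acls, inbound, sip

def audit(config):
    """List what still leaves TCP 1720 or port 5060 reachable, or breaks traffic."""
    acls, inbound, sip = parse(config)
    findings = [f"sip-ua: {p} transport still enabled (port 5060)"
                for p in ("tcp", "udp") if f"no transport {p}" not in sip]
    denying = [n for n in sorted(inbound)
               if "deny tcp any any eq 1720" in acls.get(n, [])]
    if not denying:
        findings.append("no inbound ACL denies tcp/1720")
    for n in denying:
        if not any(e.startswith("permit ") for e in acls[n]):
            findings.append(f"ACL {n}: deny-only list, implicit deny blocks all inbound traffic")
    return findings
```

An empty list from `audit()` means both ports are handled; a rescan from outside the router is still the confirmation that nothing is listening.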
