Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Open Port

Hi,

I have a Cisco 878 Router and have been asked to open ports 8585 and 8119. I have a web interface that does not show this option and I am new to telnet. Can anybody please give me some information on how to do this.

Many thanks.

6 REPLIES
New Member

Re: Open Port

Do you have acl configured on the interfaces of the router ?

New Member

Re: Open Port

acl - I have looked at the documentation that the Cisco Engineer left with me 2 years ago and it does say that acl is configured. How to get it or view it I am unsure.

New Member

Re: Open Port

Hi,

Just do show access-list from the priviliged mode (#) and you willl be able to see all the configured access lists in your router.

I hope it helps, thanks.

New Member

Re: Open Port

Hi,

I have done that and also used some code I have found from http://blogs.techrepublic.com.com/networking/?p=326 to open ports 8119 and 8585.

I have attached a screengrab of what I see at the bottom of my list when I type in "show access-list" in telnet. Howeever when I go to http://localhost:8585 I get page not found. I should be able to see a TomCat Page.

New Member

Re: Open Port

Hi,

I can't see very welll your output but I believe that at the begining of the access list you have a deny any any statement. If so, that is why you might still have issues seeing the page.

FYI, when you are going to modify an access list you have to remove it from the interface, then remove it from the configuration and re-enter it making sure that the statements are in the correct order. The deny statement has to go (always) at the end of the list; otherwise, all the traffic will be blocked.

Even if you don't enter the deny statement, there is an implicit statement in there.

Make the proper changes and let me know if it helps. Thanks.

Re: Open Port

Yes, you have a deny above your permit statements, and that will block everything. Since you're not using extended access lists, you'll have to remove the acl from the interface, copy and paste the acl into notepad, make your changes, and then paste back into your router. Then you'll reapply, but one thing to note, if you have an acl, and you're not using static nat translations to the device that you're wanting to open access to, then you won't really be doing much. You need to have statics in your nat translations.

To remove acl from interface:

router(config)# int fa4 (or whatever interface your public address is on)

router(config-if)# no ip access-group in

It would be best if you posted your sanitized config.

--John

HTH, John *** Please rate all useful posts ***
563
Views
0
Helpful
6
Replies
CreatePlease to create content