Help open port on ASA5510 (version 8.3)

Hi all,
I configured the ASA to open ports 21, 3389 and 5900 (outside access in), but when I check the ports only 21 and 3389 succeed; 5900 gives an error.
If I configure only one port, 5900 or 3389, it's OK. I don't understand what the problem is.
ASA5510>       
ASA5510> ena           
Password: ***********************                                
ASA5510# show run                
: Saved      
ASA Version 8.3(1)                 
hostname ASA5510               
domain-name lohoi.local                      
enable password *********************** encrypted                                         
passwd *********************** encrypted                                
names    
interface Ethernet0/0                    
description Connect_to_Modem                            
nameif outside              
security-level 0                
ip address 10.0.0.2 255.255.255.0                                 
interface Ethernet0/1                    
description Connect_to_Router2911                                 
nameif inside             
security-level 100                  
ip address 172.16.17.2 255.255.255.240                                      
interface Ethernet0/2                    
shutdown        
no na   
no security-level                 
no ip address             
interface Ethernet0/3                    
shutdown        
no nameif         
no security-level                 
no ip address             
interface Management0/0                      
description Management                      
nameif management                 
security-level 100                  
ip address 192.168.1.1 255.255.255.0                                    
ftp mode passive               
clock timezone ICT 7                   
dns server-group DefaultDNS                          
domain-name lohoi.local                       
object network obj-any                     
subnet 0.0.0.0 0.0.0.0                      
object network ftpserver                       
host 192.168.88.90                  
description FTP server                      
object network Remote_Desktop                       
host 192.168.100.29                   
object network VNC                 
host 192.168.100.4                  
access-list 101 extended permit icmp any any                                           
access-list 101 extended permit icmp any any echo-reply                                                      
access-list 101 extended permit tcp any any                                          
access-list outside_access_in extended permit tcp any object ftpserver eq ftp                                                                            
access-list outside_in extended permit tcp any host 192.168.100.29                                                                 
access-list outside_in extended permit tcp any host 192.168.100.4                                                                
pager lines 24             
mtu outside 1500               
mtu inside 1500              
mtu management 1500                  
icmp unreachable rate-limit 1 burst                                
asdm image disk0:/asdm-631.bin                             
asdm history enable                  
arp timeout 14400                
object network obj-any                     
nat (inside,outside) dynamic interface                                      
object network ftpserver                       
nat (inside,outside) static interface service tcp ftp ftp                                                         
object network Remote_Desktop                            
nat (inside,outside) static interface service tcp 3389 3389                                                           
object network VNC                 
nat (inside,outside) static interface service tcp 5900 5900                                                           
access-group outside_in in interface outside                                           
route outside 0.0.0.0 0.0.0.0 10.0.0.1 1                                       
route inside 192.168.88.64 255.255.255.224 1                                          
route inside 192.168.100.0 255.255.255.0 172.16.17.1 1                                                     
timeout xlate 3:00:00                    
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02                                                                
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00                                                                             
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00                                                                              
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute                                                           
timeout tcp-proxy-reassembly 0:01:00                                   
dynamic-access-policy-record DfltAccessPolicy                                            
aaa authentication ssh console LOCAL                                   
http server enable                 
http 192.168.1.0 255.255.255.0 management                                        
http authentication-certificate inside                                     
http authentication-certificate management                                         
no snmp-server location                      
no snmp-server contact                     
snmp-server enable traps snmp authentication linkup linkdown coldstart                                                                     
crypto ipsec security-association lifetime seconds 28800                                                       
crypto ipsec security-association lifetime kilobytes 4608000                                                           
telnet timeout 5               
ssh 192.168.100.0 255.255.255.0 inside                                     
ssh timeout 5            
console timeout 0                
threat-detection basic-threat                            
threat-detection statistics access-list                                      
no threat-detection statistics tcp-intercept                                           
webvpn     
username admin password *********************** encrypted privilege 15                                                              
class-map inspection_default                           
match default-inspection-traffic                                
policy-map type inspect dns preset_dns_map                                         
parameters          
  message-length maximum client auto                                   
  message-length maximum 512                           
policy-map global_policy                       
class inspection_default                        
  inspect dns preset_dns_map                           
  inspect ftp            
  inspect h323 h225                  
  inspect h323 ras                 
  inspect rsh            
  inspect rtsp             
  inspect esmtp              
  inspect sqlnet               
  inspect skinny               
  inspect sunrpc               
  inspect xdmcp              
  inspect sip            
  inspect netbios
  inspect tftp
  inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email [email protected]
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:667cb3ec729681c78ccab9a57abd89df
: end
ASA5510#

ASA5510# show run                
: Saved      
ASA Version 8.3(1)                 
hostname ASA5510               
domain-name lohoi.local                      
enable password ****************** encrypted                                         
passwd ****************** encrypted                                
names    
interface Ethernet0/0                    
description Connect_to_Modem                            
nameif outside              
security-level 0                
ip address 10.0.0.2 255.255.255.0                                 
interface Ethernet0/1                    
description Connect_to_Router2911                                 
nameif inside             
security-level 100                  
ip address 172.16.17.2 255.255.255.240                                      
interface Ethernet0/2                    
shutdown        
no nameif         
no security-level                 
no ip address             
interface Ethernet0/3                    
shutdown        
no nameif         
no security-level                 
no ip address             
interface Management0/0                      
description Management                      
nameif management                 
security-level 100                  
ip address 192.168.1.1 255.255.255.0                                    
ftp mode passive               
clock timezone ICT 7                   
dns server-group DefaultDNS                          
domain-name lohoi.local                       
object network obj-any                     
subnet 0.0.0.0 0.0.0.0                      
object network ftpserver                       
host 192.168.88.90                  
description FTP server                      
object network remote_desktop                            
host 192.168.100.2                  
object network remote_vnc                        
host 192.168.100.4                  
access-list 101 extended permit icmp any any                                           
access-list 101 extended permit icmp any any echo-reply                                                      
access-list 101 extended permit tcp any any                                          
access-list outside_access_in extended permit tcp any object ftpserver eq ftp                                                                            
access-list outside_access_in extended permit tcp any host 192.168.100.4 eq 5900                                                                               
access-list outside_access_in extended permit tcp any host 192.168.100.2 eq 3389                                                                               
pager lines 24             
mtu outside 1500               
mtu inside 1500              
mtu management 1500                  
icmp unreachable rate-limit 1 burst-size 1                                         
asdm image disk0:/asd                  
asdm history enable                  
arp timeout 14400                
object network obj-any                     
nat (inside,outside) dynamic interface                                      
object network ftpserver                       
nat (inside,outside) static interface service tcp ftp ftp                                                         
object network remote_desktop                            
nat (inside,outside) static interface service tcp 3389 3389                                                           
object network remote_vnc                        
nat (inside,outside) static interface service tcp 5900 5900                                                           
access-group outside_access_in in interface outside                                                  
route outside 0.0.0.0 0.0.0.0 10.0.0.1 1                                       
route inside 192.168.88.64 255.255.255.224 172.16.17.1 1                                                       
route inside 192.168.100.0 255.255.255.0 172.16.17.1 1                                                     
timeout xlate 3:00:00                    
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02                                                                
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00                                                                             
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00                                                                              
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute                                                           
timeout tcp-proxy-reassembly 0:01:00                                   
dynamic-access-policy-record DfltAccessPolicy                                            
aaa authentication ssh console LOCAL                                   
http server enable                 
http 192.168.1.0 255.255.255.0 management                                        
http authentication-certificate inside                                     
http authentication-certificate management                                         
no snmp-server location                      
no snmp-server contact                     
snmp-server enable traps snmp authentication linkup linkdown coldstart                                                                     
crypto ipsec security-association lifetime seconds 28800                                                       
crypto ipsec security-association lifetime kilobytes 4608000                                                           
telnet timeout 5               
ssh 192.168.100.0 255.255.255.0 inside                                     
ssh timeout 5            
console timeout 0                
threat-detection basic-threat                            
threat-detection statistics access-list                                      
no threat-detection statistics tcp-intercept                                           
webvpn     
username admin password ****************** encrypted privilege 15                                                              
class-map inspection_default                           
match default-inspection-traffic                                
policy-map type inspect dns preset_dns_map                                         
parameters          
  message-length maximum client auto                                   
  message-length maximum 512                           
policy-map global_policy                       
class inspection_default                        
  inspect dns preset_dns_map                           
  inspect ftp            
  inspect h323 h225                  
  inspect h323 ras                 
  inspect rsh            
  inspect rtsp             
  inspect esmtp              
  inspect sqlnet               
  inspect skinny               
  inspect sunrpc               
  inspect xdmcp              
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email [email protected]
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:4f061a213185354518601f754e41494c
: end
ASA5510#
So I configured it again, but I'm not able to access port 5900.
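
Added example, not part of the original post and not Cisco tooling: a Python check that every static interface PAT rule in the two dumps above has a matching permit, on the real host address and port, in the ACL that `access-group` actually binds to `outside`. The config lines are copied from the post; the parser, function names and status labels are assumptions of this example and cover only the rule forms that appear here.

```python
import re

# Lines copied from the first "show run" dump in the post (only what the check needs).
FIRST_DUMP = """\
object network ftpserver
host 192.168.88.90
object network Remote_Desktop
host 192.168.100.29
object network VNC
host 192.168.100.4
access-list outside_access_in extended permit tcp any object ftpserver eq ftp
access-list outside_in extended permit tcp any host 192.168.100.29
access-list outside_in extended permit tcp any host 192.168.100.4
object network ftpserver
nat (inside,outside) static interface service tcp ftp ftp
object network Remote_Desktop
nat (inside,outside) static interface service tcp 3389 3389
object network VNC
nat (inside,outside) static interface service tcp 5900 5900
access-group outside_in in interface outside
"""

# Lines copied from the second dump (after the poster reconfigured).
SECOND_DUMP = """\
object network ftpserver
host 192.168.88.90
object network remote_desktop
host 192.168.100.2
object network remote_vnc
host 192.168.100.4
access-list outside_access_in extended permit tcp any object ftpserver eq ftp
access-list outside_access_in extended permit tcp any host 192.168.100.4 eq 5900
access-list outside_access_in extended permit tcp any host 192.168.100.2 eq 3389
object network ftpserver
nat (inside,outside) static interface service tcp ftp ftp
object network remote_desktop
nat (inside,outside) static interface service tcp 3389 3389
object network remote_vnc
nat (inside,outside) static interface service tcp 5900 5900
access-group outside_access_in in interface outside
"""

OBJ = re.compile(r"object network (\S+)$")
HOST = re.compile(r"host (\S+)$")
PAT = re.compile(r"nat \(inside,outside\) static interface service (tcp|udp) (\S+) (\S+)$")
ACE = re.compile(r"access-list (\S+) extended permit (tcp|udp) any "
                 r"(?:host (\S+)|object (\S+))(?: eq (\S+))?$")
GRP = re.compile(r"access-group (\S+) in interface (\S+)$")
PORT_NAMES = {"ftp": 21}  # the only named port used on this page


def port_num(token):
    return PORT_NAMES.get(token) or int(token)


def parse(config):
    """Collect object hosts, static PAT forwards, ACL permits and ACL bindings."""
    hosts, forwards, acls, bound, current = {}, {}, {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := OBJ.match(line):
            current = m.group(1)
        elif (m := HOST.match(line)) and current:
            hosts[current] = m.group(1)
        elif (m := PAT.match(line)) and current:
            # Syntax is "service <proto> <real_port> <mapped_port>".
            forwards[current] = (m.group(1), port_num(m.group(2)))
        elif m := ACE.match(line):
            name, proto, ip, ref, port = m.groups()
            acls.setdefault(name, []).append((proto, ip, ref, port_num(port) if port else None))
        elif m := GRP.match(line):
            bound[m.group(2)] = m.group(1)
    return hosts, forwards, acls, bound


def _match(entries, hosts, proto, real_ip, port):
    """Return 'ok' (exact port), 'any-port' (no eq clause) or None."""
    best = None
    for a_proto, ip, ref, a_port in entries:
        # From 8.3 on, ACLs match the real (inside) address, not the mapped one.
        if a_proto != proto or (ip or hosts.get(ref)) != real_ip:
            continue
        if a_port == port:
            return "ok"
        if a_port is None:
            best = "any-port"
    return best


def audit(config, interface="outside"):
    """Map each forwarded object to ok / any-port / unbound-acl:<name> / no-permit / no-host."""
    hosts, forwards, acls, bound = parse(config)
    active = bound.get(interface)
    result = {}
    for obj, (proto, port) in forwards.items():
        real_ip = hosts.get(obj)
        if real_ip is None:
            result[obj] = "no-host"
            continue
        status = _match(acls.get(active, []), hosts, proto, real_ip, port)
        if status is None:
            other = [n for n in acls if n != active and _match(acls[n], hosts, proto, real_ip, port)]
            status = f"unbound-acl:{other[0]}" if other else "no-permit"
        result[obj] = status
    return result


if __name__ == "__main__":
    for label, dump in (("first", FIRST_DUMP), ("second", SECOND_DUMP)):
        print(label, audit(dump))
```

This only checks that the configuration text is self-consistent; the ASA's own `packet-tracer` command gives the per-phase verdict for a specific flow on the device.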

Similar Messages

  • Help Opening PORT 6112 for WarCraftIII Hosting

    I'm trying to help my son use WarCraftIII to host a game in our iMac G5, but no one can join. Successful hosting is supposed to be an issue of opening port 6112 but no success yet.
    What I have done so far:
    1) Set Linksys BEFSR41 router to forward port 6112 both ways. Contacted blizzard tech support today and they told me I needed to open the port in Linksys router by following instructions at http://www.portforward.com for my router, and the WarCraft III game (fyi this is a very nice site, anyone with router setting issues should check it out). I went to the site, clicked on "Forward", found my router (Linksys BEFSR41v1.39) in the list below, then found my game WarCraft III in game list and followed instructions at this website: http://www.portforward.com/english/routers/portforwarding/Linksys/BEFSR41v1.40.2/WarcraftIII.htm
    2) Opened port 6112 in Mac OS FileSharing FireWall. I'm not so sure I got this part right. I went to System Prefs, File Sharing, FireWall and clicked New. Then I entered 6112 in both TCP and UDP (cause I don't know which it is) and selected Other and gave it the name WarcraftIII1 (used this name, because we were helping a friend set up his router (Linksys WRT54G) to pass 6112, and the portforward.com instructions had us enter that text in Application field for the port forwarding range: http://www.portforward.com/english/routers/portforwarding/Linksys/WRT54G/WarcraftIII.htm So, I figured this was as good a name as any to use in FireWall setting.
    Ideas I have not tried yet:
    1) Maybe I need to update my Linksys firmware? I noticed that the Portforward instructions were for Linksys firmware 1.40.2. My firmware is 1.39 (going to Linksys site I see there's a newer version v1.46.02 available). So, maybe I need to download and apply (but I don't want to screw up my current router settings - since they work! - and I'm figuring it's likely to lose all current settings with a firmware update).
    2) Maybe I need a different name in the FireWall port than "WarcraftIII1"? Maybe one of the pull-down options are what I should have used.
    Any help would be greatly appreciated!
    iMac G5   Mac OS X (10.4.6)   1.5 Gb RAM

    Hey Tim,
    Thanks for tip on preparing for firmware update. As it turns out, all settings were wiped when I did the update. But I like the approach of having 'clean' setup before update (sort of like running Disk Utility before and after new software installs).
    I tried turning off the Mac OS firewall, but it didn't help (so I don't think that's the root cause - but a good thing to test). Part of the www.portforward.com instructions for using my Linksys router with WarCraftIII include setting to DISABLE the "Block WAN Request" option. I don't know much about router security, but this makes me feel more vulnerable. So, I prefer to keep Mac OS firewall enabled, as long as it doesn't get in the way (also MacWorld's most recent issue recommended firewall ON, and activate Advanced settings turning ON options for Block UDP Traffic, and Enable Stealth Mode). Having my firewall set up in this way hasn't been any problem for me at all for past 1.5 yrs, until just recently when I tried hosting WarCraftIII Custom Game (reason I want to do that, is it allows my son to play online against only friends we know - call me overprotective, and I'll happily plead guilty). As a case in point, I was on the Battle.Net USEast Open Tech Support chat channel last night (you get to this from within the WarCraftIII application), asking if someone would do a quick test and join my Custom Game. During that brief interchange, one of the other people on the channel types in all caps "I want to f**k your mother" (without the *'s). I'm thinking, yeah Custom Game is the way to go, I don't want my son out here with the likes of you. Thankfully, someone else agreed to the test. Unfortunately it failed.
    I think I've about got it beat though. I found on the blizzard.com support site, a way to use Terminal to run a traceroute by typing (without the quotes) "traceroute us.logon.worldofwarcraft.com > ~/Desktop/tracert.txt" and press the Return key. Previously I was getting all *'s back in the results (which means no recognized connections). Now, I'm getting IP addresses and ms timing for hops so it appears I'm getting through. http://www.blizzard.com/support/wow/?id=aww0827p5
    But, I've got to go and won't be able to test ability to join a Custom Game with my son's friend until later tonight.
    Thanks again. C

  • Help opening ports ...

    i have high speed DSL and i wireless linksys router that i use to play a PS3 online. i can play games online just fine but when i attempt to connect directly to other players (attempting to join squads, parties, one on one football matches, etc.) i am unable to. but like i said, i can play the game online without trying to connect to someone else ... i've read where i should try to open some ports on my router to enable me to connect to others. i have a list of ports to try but i have no idea where to go or how to open them up. if you can't tell, i'm really uneducated when it comes to wireless internet connections. can anyone offer some help? thanks

    Definitely I can help you but what is the model number of the router?

  • Help opening ports on my WRT2GS2 Router

    I went into the web based page and set the ports to what i needed, then clicked enable, but when I try to run the Minecraft server and allow others to connect, only I can connect. Help please.

    Who is your Internet service provider?
    Try to upgrade/re-flash the firmware on your router.
    Connect the computer to the router with the Ethernet cable. Download the latest firmware from Linksys website and save it on your computer. Open the setup page of the router and upgrade the firmware on your router.
    After upgrading the firmware on your router, press and hold the reset button on the router for 30 seconds. Release the reset button and wait for 30 seconds. Power cycle the router and reconfigure it.

  • My keynote has frozen and wont open but the saved version wont open either. if i restart my laptop i am afraid that it will erase my work. please help me

    Try this repair for Keynote 6.2,  ensure you complete all the tasks and in the order shown:

    1. delete all the iWork applications if you have them, not just Keynote, using Appcleaner from Mac Update, it's a freeware application
    2. empty the trash: Finder > Empty Trash
    3. Shut down your Mac, wait 30 seconds, then power on the Mac, immediately after the start chime, hold down the Shift key
       When you see the grey Apple symbol and progress indicator (a spinning gear), release the Shift key.
       If you are prompted to log in, type your password, then hold down the Shift key again as you click Log in.
       Let the Mac fully boot up, it will take longer as the OS is repairing the drive
    4. when fully booted, go to Applications > Utilities > Disc Utility; click on the boot drive then First Aid tab and click repair disc permissions
    5. when complete, restart the Mac normally, Apple menu > Restart
    6. install Keynote from the Mac App Store
    let us know if this helped

  • Pages app unexpectedly quit whilst I was in the middle of a document. I can now not open it AT ALL. I find it's not just that particular document that won't open, but any of my Pages docs will not open using the current version of Pages. Any help?

    Pages app unexpectedly quit whilst I was in the middle of a document. I can now not open it AT ALL. I find it's not just that particular document that won't open, but any of my Pages docs will not open using the current version of Pages. The reports of the app unexpectedly closing each time, automatically went to Apple, but I am not sure what happens with them then. Does anyone know how to help me with this? We live in a very isolated region so rely on internet help. Thanks

    I also managed to read a few other discussions about Pages and files not being able to open. I actually went to the last back-up and restored the computer from that and everything seemed to work ok again, which is great!...advice from another discussion I think you may have been involved in PeterB. Thanks for the advice...also this advice, as I will make a note of trying to open using the Shift key if it happens again and see what happens...might be an easier first option than restoring from a back-up. Thanks heaps for the help!
    I was interested to read some of the other discussions where it was stated that Pages '09 seems to be a better option to use. I have both installed, so I will keep this in mind. Thanks heaps!

  • Trying to open itunes but a window opens and says  . this version of itunes has not been correctly localised for this language. please run. the English version. i have never had this before. please help

    Trying to open itunes but a window opens and says , this version of itunes has not been correctly localised for this language. Please run the English version. Please help.

    Hey mcooper156,
    I would try the troubleshooting steps in this first article:
    iTunes for Windows Vista or Windows 7: Troubleshooting unexpected quits, freezes, or launch issues
    http://support.apple.com/kb/TS1717
    If that doesn't resolve the issue, then I would try and remove iTunes (and its related software) then reinstall:
    Removing and reinstalling iTunes and other software components for Windows Vista, Windows 7, or Windows 8
    http://support.apple.com/kb/HT1923
    Regards,
    Delgadoh

  • Help!! Updated new version of iTunes but I can't open it

    Help!! Updated new version of iTunes but I can't open it now. It popped up a window that said: [the file "iTunes Library.it" cannot be read because it was created by a newer version of iTunes. ] What is it? Tried to remove and install old version iTunes, also can't work.

    Manually download from here and install http://support.apple.com/downloads/#

  • I'm in syria and they blocked me from using any VPN service please help without VPN i can't open the store help please ( using iphone 5 version 9.1.4 )

    There is nothing that anyone here on a user forum can do to help you.  If it is a local issue in Syria, then you need to take it up with your phone company or authorities there who have prevented you from using VPN.
    Nobody here can help you.

  • Help with opening port 10000 on a pix 501

    I am attempting to open port 10000 so that I can remotely VPN using tcp port 10000. This is a pix 501 running version 6.3.5.
    What commands do I need to enter for this to happen?

    Remote vpn access can be configured on a pix 501 by using the configuration guide present in the links given below:
    Site-to-Site VPN Configuration Examples is present in the url below:
    http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/sit2site.html
    Managing VPN Remote Access guide is present in the following url:
    http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/basclnt.html

  • Cant Open Port 3659 on Home Hub! Please help!

    Im having problems with playing Battlefield 3 online. After contacting EA they told me I needed to forward the following ports on my new BT Home Hub 3.0 Firmware Version: 4.7.5.1.83.8.94.1.11 (Type A):
    TCP: 80, 443, 9988, 20000-20100, 22990, 17502, 42127
    UDP: 3659, 14000-14016, 22990-23006, 25200-25300
    All of them were applied fine apart from port 3659 where it gives the following error:
    It says theres a conflict even if I try only applying this one rule. According to another forum 3659 is actually the most important as it relates to the 'EA Tunnel' so could explain the issues Im having?
    If I use an online Port Scanner, some tell me that its blocked and the following one shows that its (TCP version) filtered to 'apple-sasl'. So it looks like maybe its been pre-reserved for Apple products and hence why it cant be forwarded to a more general rule?
    Do BT block or throttle any ports? How can I fix this issue?
    Thanks.

    Use the IP address not the device name.
    This page should help.
    Port forwarding problems
    There are some CCTV example on this page.
    Help with setting up routers, repeaters, Smart TVs, printers, CCTV, NAS, VOIP
    There are some useful help pages here, for BT Broadband customers only, on my personal website.
    BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

  • I need to open ports, and nothing I've read seems to help me

    I have an aiport express, it's my only router.  it's connected directly to my cable modem (TWC).  I have no firewall for incoming (there's no options for outgoing) no matter what combination of settings I use, I can't seem to get more than port 5000 open. Why 5000?  and why can't I get any other port open?

    There are heaps of posts here about how to open ports on apple routers specifically for xboxes.
    AirPort Extreme and xbox 360

  • Need help with opening ports on airport extreme

    My vonage phone is connected to airport extreme router, voice quality of phone calls was poor. Vonage tech support says   vonage port on my airport extreme was closed and i need to open it.
    Here is my chat details with vonage tech support-
    The following ports are needed for Internet communication between the Vonage adapters and the Vonage servers.
    SIP: Port 5061 UDP
      RTP (Voice) Traffic: Ports 10000-20000 UDP. When a call is made, a random port between 10000 and 20000 is used for RTP (Voice) traffic. If any of these ports are blocked, you may experience one way or no audio.
    Please do suggest me the way to open the ports on airport extreme
    Thanks
    Venki

    Instructions for opening ports is here.
    https://discussions.apple.com/docs/DOC-3415
    You should be fine opening the whole range, 10000-20000

  • I have a dvr and I want to monitor from my phone.  this worked when I had a Belkin router that let me open ports.  I use "canyouseeme" and it can't see 80, 9000 or 1025. How do I make them available?

    I have a Lorex DVR that I want to monitor from my IPhone and IPad.  I used to be able to do this when I had a Belkin router (easy to open ports) but I bought the AirPort Extreme router and no longer have that capability.  When I use "canyouseeme" they can NOT see 80, 9000 or 1025.  Lorex says I need them all available in order to access.  Help!  And all the help I see refers to a earlier version of the AirPort Utility so I cant use those to look at anything, I cant find the same screens, I have version 6.1 (610.31).  I also don't really understand how ports work, so I need a pretty basic explanation.

    Well...I went to the modem (Westell, WireSpeed), found the NAT settings, once again, I'm WAY over my head, I am assuming this is a TCP connection (as opposed to a UDP) and per Lorex my mobile devices will use port 1025.  So I gave it a "global port range" of 1-10 and I indicated that the "base host port" was 80, 1025, & 9000 (ports 1,2,3).  When I selected the 'enable' it asked for a "host devise" my choices are my IPhone, IMac and the IP address for the dvr, so I choose the dvr.  I still cannot connect and canyouseeme still can NOT find these open ports.  This is taking up my whole day! I don't know how people figure this stuff out.

  • Open ports problem ASA5505

    Hi everyone.
    I'm trying to open ports on a specific host but I can't make it work.
    I tried to make it clear as possible,
    Thanks for helping.
    There is my config:
    Result of the command: "show run"
    : Saved
    ASA Version 9.1(3)
    hostname ciscoasa
    enable password *** encrypted
    xlate per-session deny tcp any4 any4
    xlate per-session deny tcp any4 any6
    xlate per-session deny tcp any6 any4
    xlate per-session deny tcp any6 any6
    xlate per-session deny udp any4 any4 eq domain
    xlate per-session deny udp any4 any6 eq domain
    xlate per-session deny udp any6 any4 eq domain
    xlate per-session deny udp any6 any6 eq domain
    passwd *** encrypted
    names
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    interface Ethernet0/2
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    interface Vlan1
    nameif inside
    security-level 100
    ip address 1.1.1.1 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address MY-FIREWALL-IP 255.255.255.240
    boot system disk0:/asa913-k8.bin
    ftp mode passive
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network LAN-SITE-B
    subnet 1.1.2.0 255.255.255.0
    object network LAN-SITE-A
    subnet 1.1.1.0 255.255.255.0
    object network Firewall-SITE-B
    host VPN-SITE-B-IP
    object network SERVER01
    host 1.1.1.2 (MY SERVER THAT I WANT TO ACCESS FROM OUTSIDE)
    object-group service ALL-IP tcp-udp
    description ALL-IP
    port-object range 1 65535 (FOR TESTING PURPOSE, I'M TRYING TO OPEN ALL PORTS ON THIS HOST)
    object-group protocol TCPUDP
    protocol-object udp
    protocol-object tcp
    access-list outside_cryptomap extended permit ip object LAN-SITE-A object LAN-SITE-B
    access-list outside_access_in extended permit object-group TCPUDP any host MY-HOST-PUBLIC-IP (DIFFERENT FROM THE OUTSIDE INTERFACE) object-group ALL-IP
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (inside,outside) source static LAN-SITE-A LAN-SITE-B destination static LAN-SITE-B LAN-SITE-A no-proxy-arp route-lookup
    object network obj_any
    nat (inside,outside) dynamic interface
    object network SERVER01
    nat (inside,outside) static MY-HOST-PUBLIC-IP (DIFFERENT FROM THE OUTSIDE INTERFACE)
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 MY-GATEWAY 1
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    no user-identity enable
    user-identity default-domain LOCAL
    aaa authentication ssh console LOCAL
    http server enable
    http 1.1.1.0 255.255.255.0 inside
    http 0.0.0.0 0.0.0.0 outside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec security-association pmtu-aging infinite
    crypto map outside_map 1 match address outside_cryptomap
    crypto map outside_map 1 set pfs
    crypto map outside_map 1 set peer SITE-B
    crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map interface outside
    crypto ca trustpool policy
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside
    crypto ikev1 enable outside
    crypto ikev1 policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh 0.0.0.0 0.0.0.0 inside
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    dhcpd auto_config outside
    dhcpd address 1.1.1.100-1.1.1.125 inside
    dhcpd dns 24.200.241.37 24.201.245.77 interface inside
    dhcpd enable inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    group-policy GroupPolicy_SITE-B internal
    group-policy GroupPolicy_SITE-B attributes
    vpn-tunnel-protocol ikev1 ikev2
    username MY-USER password *** encrypted privilege 15
    tunnel-group SITE-B type ipsec-l2l
    tunnel-group SITE-B general-attributes
    default-group-policy GroupPolicy_SITE-B
    tunnel-group SITE-B ipsec-attributes
    ikev1 pre-shared-key *****
    ikev2 remote-authentication pre-shared-key *****
    ikev2 local-authentication pre-shared-key *****
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:f5d698f2b08e98028f2d487a42c7187e
    : end

    Hi Jouni,
    Thanks for helping again,
    Looks like I'm getting the same problem.
    ciscoasa# show run access-list
    access-list outside_cryptomap extended permit ip object LAN-SITE-A object LAN-SITE-B
    access-list OUTSIDE-IN extended permit ip any object SERVER01
    ciscoasa#
    ciscoasa# show run access-group
    access-group OUTSIDE-IN in interface outside
    ciscoasa#
    ciscoasa# packet-tracer input outside tcp 1.1.1.1 12345 MY-SERVER01-PUBLIC-IP 12345
    Phase: 1
    Type: UN-NAT
    Subtype: static
    Result: ALLOW
    Config:
    object network SERVER01
    nat (inside,outside) static MY-SERVER01-PUBLIC-IP
    Additional Information:
    NAT divert to egress interface inside
    Untranslate MY-SERVER01-PUBLIC-IP/12345 to 1.1.1.2/12345
    Phase: 2
    Type: ACCESS-LIST
    Subtype:
    Result: DROP
    Config:
    Implicit Rule
    Additional Information:
    Result:
    input-interface: outside
    input-status: up
    input-line-status: up
    output-interface: inside
    output-status: up
    output-line-status: up
    Action: drop
    Drop-reason: (acl-drop) Flow is denied by configured rule
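
Added example, not part of the original posts: a Python parser for the packet-tracer output pasted above that reports which phase dropped the flow and whether the test's source address belongs to a network on an interface other than the one the packet was injected on. The `analyse` function and the `INTERFACES` table (Vlan1 `1.1.1.0/24`, taken from the posted `show run`) are names constructed for this illustration.

```python
import ipaddress
import re

# Abridged from the packet-tracer output in the post (placeholders as posted).
TRACE = """\
packet-tracer input outside tcp 1.1.1.1 12345 MY-SERVER01-PUBLIC-IP 12345
Phase: 1
Type: UN-NAT
Result: ALLOW
Config:
object network SERVER01
nat (inside,outside) static MY-SERVER01-PUBLIC-IP
Additional Information:
Untranslate MY-SERVER01-PUBLIC-IP/12345 to 1.1.1.2/12345
Phase: 2
Type: ACCESS-LIST
Result: DROP
Config:
Implicit Rule
Additional Information:
Result:
input-interface: outside
output-interface: inside
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""
# Interface networks taken from the posted "show run" (Vlan1 = inside).
INTERFACES = {"inside": ipaddress.ip_network("1.1.1.0/24")}

def analyse(trace, interfaces):
    cmd = re.search(r"packet-tracer input (\S+) (\S+) (\S+) (\d+) (\S+) (\d+)", trace)
    ingress, src = cmd.group(1), ipaddress.ip_address(cmd.group(3))
    phases = []
    for chunk in re.split(r"^Phase: \d+\n", trace, flags=re.M)[1:]:
        body = chunk.split("\nResult:\n")[0]  # cut off the trailing summary
        ptype = re.search(r"^Type: (.*)$", body, re.M).group(1)
        result = re.search(r"^Result: (\w+)$", body, re.M).group(1)
        config = re.search(r"^Config:\n(.*?)\nAdditional Information:", body, re.M | re.S)
        phases.append((ptype, result, config.group(1) if config else ""))
    # First phase that dropped the flow; "Implicit Rule" as its Config means a
    # built-in rule made the decision, not a line of the configured ACL.
    drop = next((p for p in phases if p[1] == "DROP"), None)
    reason = re.search(r"^Drop-reason: (.*)$", trace, re.M)
    # A packet entering one interface with a source address that lives on
    # another interface's network does not model real Internet traffic.
    odd_src = [n for n, net in interfaces.items() if n != ingress and src in net]
    return {"drop": drop, "reason": reason.group(1) if reason else None,
            "src_on_other_interface": odd_src}
```

For the trace as posted, the result names the ACCESS-LIST phase with the Implicit Rule and shows that the source 1.1.1.1 sits on the inside network, so the test does not model a client on the Internet.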
