Increase Port 443 Security in RV082

I recently installed an RV082 so that a branch office could have an always-on connection with the main office.  That branch, among others, processes credit cards for payment.  A security company, Security Metrics, scans their network and looks for any security vulnerabilities.  If the company fails the test they are charged a monthly fee to be able to continue processing credit cards.
The branch office that had the router installed failed due to several security issues involving port 443.  Is there a way to secure the port in the router?  I have attached the Security Vulnerabilities report that gives the details.
The branch office does not have a server, only about 5 XP Pro workstations (one does the credit card transactions).  The other 3 branches have the same setup but they use PIX routers and they do not have any security issues.
Thanks

I am running an old version 1.3.2.  I am going to do the update after hours and then run another security test tomorrow and report back.
Thanks

Similar Messages

  • iChat is not working.  Tried using port 443 and still does not work

    iChat not working.  Tried using port 443 and I stay on for about 45 seconds then it disconnects.  Can you help?

    HI,
    Can you tell me the make and model of your routing device.
    The 10 Second error message is caused by a break in the connection.
    This could be the Wifi being dropped (if you are using WiFi) due to interference from other nearby routers.
    It can be due to settings or features of the router, and if the experience has changed that could be due to a speed increase in your internet service.
    If you are using Ethernet and having this issue it is much more likely to be a setting/feature issue.
    Examples.
    Netgears.  These have a separate WAN set up page that lists either DoS or SPI as one of the things that can be Enabled or Disabled.
    Linksys.  If your model has a Security tab and this has Firewall then DoS and SPI are part of this.
    Netopia devices tend to have a 4 level Firewall which DoS and SPI are part of the two highest settings.
    DoS = Denial Of Service and is a Threshold based "Protection" Feature.
    It judges whether too much data is being sent to you (it was designed originally to stop people overloading Web Servers (many people, many refreshes)).
    iChat can outstrip the setting with most Internet Connections in most parts of the world.  (In fact iChat can send more data than most Video Streaming sites)
    One thing you can do that may get around this is to reduce the Bandwidth used in iChat (iChat Menu > Preferences > Video Section > Bandwidth Limit drop down)
    Try 500kbps
    10:07 PM      Wednesday; November 23, 2011
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
      iMac 2.5Ghz 5i 2011 (Lion 10.7.2)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously

  • The attempt to connect to the server (IP address) on port 443 failed - OLT

    Hi all
    I am facing one problem: if I run load to any application for 100 users for 1 iteration then it is not showing any error. Let's say I ran the load of 100 users for one hour, then for some users there are errors like
    Line: (script.java:84)][ScriptException]: The attempt to connect to the server (IP address) on port 443 failed.
    And my understanding is the users which are facing failures are not able to get a response or page loaded at their end. As failures are occurring for some particular steps, not the entire scenario. Please confirm.
    Thanks

    I believe that's an indication that there is an error receiving mail, but if you have any drafts or email in your outgoing mailbox, try deleting them.  Apple's troubleshooting steps for this are (from http://support.apple.com/kb/TS4002):
    Cannot receive mail in OS X Mail
    If you use OS X Mail, look at the name of your iCloud account on the left side of the main Mail window. If your iCloud account name is dim and has a lightning bolt next to it, your account is offline. To resolve this, make sure your computer is connected to the Internet. Then choose Go Online from the Mailbox menu.
    If taking your iCloud account online doesn't resolve the issue, follow these steps:
    From the Mail menu, choose Preferences.
    In the Preferences window, click the Accounts tab if it is not already selected.
    In the Accounts list, select your iCloud email address.
    Click the Account Information tab.
    Verify your SMTP server settings with the following information:
    Incoming Mail Server: imap.mail.me.com
    User Name: Your iCloud email address
    Password: Your iCloud password
    Click the Advanced tab and verify the following additional settings:
    Port: 993
    Use Secure Sockets Layer (SSL): Should be enabled
    Authentication: Password

  • Non SSL website on port 443

    Hi, I have a non-SSL website running on port 443. When I access this website using Chrome or IE it works just fine, but Firefox can't seem to accept what I have done. All browsers on the same machine and using the same web proxy.
    I access the website as http://xyz:443.
    Just a bit of background info as to why I need this. Where I work I can only access ports 443 and 80 via the web proxy. I have two distinct websites running on a couple of devices at home behind a very config-wise limited router which has ports 80 and 443 redirected to these hosts. There is no way for me to setup two port forward rules on port 80 to two different devices. I cannot setup SSL on either of the websites.
    Regardless of options that could exist to overcome my particular issue, I would like to check if you guys know how to make Firefox work with a website running on port 443 whilst not having a certificate assigned to it.
    Firefox 32.0.3
    Error message:
    The connection was reset
    The connection to the server was reset while the page was loading.
    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer's network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

    What type of ssl are you running? [https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/]
    You can somehow remove the Strict-Transport-Security header or if there is a feature that forced encryption but by default https uses 443 for encryption. I do not know if this is possible.

  • Port 443

    Is it possible to run iSQL*Plus only using Port 443/SSL? I receive the following
    error whenever I do not listen for port 80 connections:
    [Mon Sep 16 13:29:58 2002] [emerg] OPM: Could not find a valid non-ssl LISTEN ip
    and port. The whole process exits.
    [Mon Sep 16 13:29:58 2002] [alert] (2)No such file or directory: FastCGI: read()
    from pipe failed (0)
    [Mon Sep 16 13:29:58 2002] [alert] (2)No such file or directory: FastCGI: the PM
    is shutting down, Apache seems to have disappeared - bye

    Alison,
    Thanks for the reply. I think that the httpd.conf file is saying if you want both
    types of connections (http and https) you have to listen for both types of connections.
    We have other Apache web servers here that only allow https/port 443 connections and
    only listen for those type of connections.
    Maybe I should have asked my question a different way, is it possible to configure
    iSQL*Plus via the httpd.conf file (and other .conf files) so that FastCGI will
    work with SSL connections? If not, is there a way to configure everything so that
    the only non-SSL connections are between FastCGI and iSQL*Plus (i.e., no users can
    connect to the web server without using an SSL connection)?
    Again, thanks for your help.
    Cecil,
    After reading the httpd.conf (web server config file), I found this:
    # Port: The port to which the standalone server listens. Certain firewall
    # products must be configured before Apache can listen to a specific port.
    # Other running httpd servers will also interfere with this port. Disable
    # all firewall, security, and other services if you encounter problems.
    # To help diagnose problems use the Windows NT command NETSTAT -a
    Port 7778
    ## SSL Support
    ## When we also provide SSL we have to listen to the
    ## standard HTTP port (see above) and to the HTTPS port
    Listen 7778
    Listen 4443
    It looks like you have to listen on a default port, as well as on an https port. iSQL*Plus doesn't actually care which port it is being called from as it is one step removed and has its own (different) port connection to the web server.
    Perhaps this is a question to research from the web server (essentially Apache) point of view? You could try the usenet newsgroups, the Metalink web site, or you could call Oracle Support.
    Alison

  • Help!!!!!!!!!!!!! Port 443 Issue

    Can anyone tell me how to open port 443 on my wireless router model WRT54G3G-AT? For a secure business connection. Please don't give me a link to follow, I've tried that one.
    Thanks,
    A

    Hi! Are you trying to access your router remotely via HTTPS? You just need to enable it thru the router's setup page > Administration > Access Sever > HTTPS (check the box to enable it).

  • Linksys WRT300N Open port 443, Lease Time

    Hello. Definite Newbie here.
    I have my router's IP address up on my browser and I was wondering how to open port 443 and to make my "Lease time" at its maximum. Can someone help me?
    Thanks in advance.
    Erik

    Open an Internet Explorer browser page on a computer hard wired to the router...In the address bar type - 192.168.1.1...Leave the Username blank & in Password use admin in lower case...
    Once you login to the setup page of your Router, under the setup tab below change the DHCP Client lease time from 0 to any number to increase the lease time.
    Then click on the "Application and Gaming" tab and below click on the sub tab "Port Forwarding" and below in the Application name type any name and then in the Start Port and End Port type the Port number and select the Protocol and input the IP address on which you want to Forward the Port and check the box and click on save settings.
    You can follow this link and it will help you in forwarding the port on your router.

  • How do i temporarily disable TLS/SSL port 443 going to server on CSS

    We are having issues with truncating packets that go through the CSS.
    I did a capture after the CSS and there is truncation............however I can't read it before the since everything is encrypted.
    They hit vip address 172.20.120.16 on the CSS and get redirected to 2 servers depending on what the url says.
    The server team would like to turn it off just to test..I tried removing
    "add service ARR-public-ssl" from the content below and we lost http and https to the server
    so in essence I want to try and turn the 443 connection to a port 80---then it goes to port 7777 backend to 172.20.212.6
    content BYE-WEB-SSL
       vip address 172.20.120.16
       protocol tcp
       port 443
       advanced-balance ssl
       application ssl
       add service ARR-public-ssl
       active
    ssl-server 40
    ssl-server 40 rsacert byetest
    ssl-server 40 vip address 172.20.120.16
    ssl-server 40 cipher rsa-with-rc4-128-sha 172.20.120.17 80
    ssl-server 40 cipher rsa-with-rc4-128-md5 172.20.120.17 80
    ssl-server 40 urlrewrite 1 *
    ssl-server 40 cipher rsa-with-3des-ede-cbc-sha 172.20.120.17 80
    ssl-server 40 rsakey byekey
    backend-server 50
    backend-server 50 type initiation
    backend-server 50 server-ip 69.xxx.xxx.xxx
    backend-server 50 ip address 69.xxx.181.xxx
    backend-server 50 rsacert byetest
    backend-server 50 rsakey byekey
    active
    !************************** SERVICE **************************
    service TIE-SSLINIT
      protocol tcp
      ip address 69.xxx.xxx.xxx
      keepalive type tcp
      keepalive port 443
      slot 2
      type ssl-init
      add ssl-proxy-list HR-SSL
      active
    owner PublicBYE
      content BYE-WEB-ARRR
        vip address 172.20.120.17
        protocol tcp
        port 80
        url "/arr*"
        advanced-balance arrowpoint-cookie
        balance aca
        arpt-lct http-100-reinsert
        add service BYE-ods-web1
        active
      content BY-WEB-TIX
        protocol tcp
        port 80
        url "/tix*"
        advanced-balance arrowpoint-cookie
        balance aca
        arpt-lct http-100-reinsert
        add service BYE-ods-web2
        vip address 172.20.120.17
        active
      content BYE-WEB-TIX-CLEARTEXT
        add service TIX-SSLINIT
        vip address 172.20.120.19
        protocol tcp
        port 80
        active
    content BYE-WEB-Nav
      vip address 172.20.120.17
      protocol tcp
      port 80
      url "/na*"
      balance aca
      arpt-lct http-100-reinsert
      add service BYE-ods-web1
      active
    content BYE-WEB-SSL
      vip address 172.20.120.16
      protocol tcp
      port 443
      advanced-balance ssl
      application ssl
      add service ARR-public-ssl
      active
    service BYE-ds-web1-ssl
      ip address 172.20.212.5
      port 443
      keepalive type ssl
      active
    service BYE-ds-web2
      ip address 172.20.212.6
      port 7777
      keepalive port 7777
      keepalive type tcp
      active
    service BYE-ds-web2
      ip address 172.20.212.6
      port 7777
      keepalive port 7777
      keepalive type tcp
      active
    service BYEos-web2-ssl
      ip address 172.20.212.6
      port 443
      keepalive type ssl
      active

    CSS11506# sh ver
    Version:               sg0810205 (08.10.2.05)
    Flash (Locked):        08.10.1.06
    Flash (Operational):   08.10.2.05
    Type:                  PRIMARY
    Licensed Cmd Set(s):   Standard Feature Set
                           Secure Management
    Yeah..I've done a packet trace before it hits the CSS and after......the only issue is that everything is encrypted before it hits the LB so I can't really read anything....I did a packet trace after the LB and on the Server itself it seems we get this
    I thought I saw some bug info from Cisco but I can't tell if it's related
    CSCsx05640—When you configure the CSS for a Layer 5 (L5) content rule and it receives an HTTP method POST with the HTTP header in one packet that is quickly followed by many packets of POST data or payload, it could fail to deliver all the data to the back-end server. The CSS Flow Manager (FM) application could incorrectly handle the POST and the data packet as a spanned content request and could cause the data to be mishandled. Workaround: Use less than 1-Gb connections in the network; a 100-Mb link does not exhibit this issue.
    As you can see after the content-length..........nothing comes across........sometimes additional stuff will come in ...but usually nothing
    Is there a bug related to this on the CSS?
    POST /TIXX/DocumentRepository_Service HTTP/1.1
    Accept-Encoding: gzip,deflate
    Content-Type: application/soap+xml;charset=UTF-8;action="urn:ihe:iti:2007:ProvideAndRegisterDocumentSet-b"
    User-Agent: Jakarta Commons-HttpClient/3.1
    Host: www.xxxxxxxxxxxx.net
    Content-Length: 9044

  • WRVS4400N & Port 443

    Hi,
    I just purchased WRVS4400N and tested, port 443 is not secure and I was wondering is there any way of blocking that **bleep**?
    Tried everything (port forwarding etc.) nothing helps!!
    Please help!
    Elf
    The Elf Cleric

    When you say it is not secure, what exactly do you mean?  If you have the firewall enabled it should only allow packets in that are in response to a legitimate request from your computer (i.e. when you access a secure web site).  To block any incoming traffic for that port (or any other for that matter), click on the firewall link, click on IP based ACL and create a firewall rule that blocks any 443 (or whatever port you want to block) traffic from the WAN.  Be advised that if you block 443 you will not be able to access web sites using ssl. (https:// sites).  Port forwarding actually opens the port to inbound traffic, so you'll want to remove the port from port forwarding.

  • IPS 4260-70 Events to Saalt - RSA using PORT 443

    I have a request to send all IPS 4260-70 on os vs 7.0.4(e4)  Events to Saalt - RSA using PORT 443.  I created an admin account, how do you configure the port 443?

    Edwin;
      Cisco's IPS sensors do not send events by default; they make use of the Security Device Event Exchange (SDEE) protocol in a client-server implementation (the IPS being the server and the remote application being the client).  By default, the IPS will listen on TCP port 443 for SDEE connections requesting events or opening a SDEE subscription.  The remote application (Saalt?) should require configuring the IP address of the IPS and a username/password for logging into the IPS.  The IPS will need an access list entry for the remote application host to allow successful communication.
    Scott

  • Port 443 Open

    When I run Shields Up port scan test from Gibson Research (www.grc.com) it shows port 443 as being open. I haven't opened port 443. Why is it open on my WRT54G?

    First of all, please state the make and exact model number of your modem.  If you are using a "modem-router", rather than a true modem, Gibson's  "Shields UP!" will scan the ports on your modem-router, not the ports on your WRT54G.
    An "open" port is one that is listening to the Internet, waiting for another computer to try to communicate with it.   Ordinary home users don't need this, so ports are generally left closed (stealth).
    Port 443 is generally used for secure transmissions.  It would normally only need to be "open" if you wanted another computer on the Internet to be able to securely call your router (or computer).  This is typically used by businesses that want to establish a secure VPN (virtual private network) connection, to connect two branches of their business together, router to router.
    Note that port 443 does not need to be left "open" for ordinary Internet connections,  including connections to a secured server (https: connection).
    By default, all ports on your WRT54G should be closed (i.e. stealth).  However, if you have UPnP set to "enabled", then any computer program running on your computer can open a port on your router.  This is often the cause for "open ports" on the router.   Several types of programs like to open ports on the router.  These include Internet games, video conferencing software, peer-to-peer (P2P) software, and computer viruses.
    If you don't know of any programs on your computer that need to open ports, in the router, set UPnP to "disabled", and see if that corrects your problem.
    One other possible cause for this port 443 problem, is a firmware bug.  Some early versions of the RVS4000 firmware had this bug, but the bug was later fixed.  I have not heard of this bug appearing in WRT54G firmware.  What version of the router do you have?  Also, are you running a server (web site or game site) ?
    Message Edited by toomanydonuts on 08-02-2008 05:21 AM
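
The open, closed and stealth results discussed in this thread can be checked against your own router with a single TCP connect, run from a host outside the LAN. This is an added example, not part of any post above; `probe_port` and `describe` are hypothetical names, and the TLS step only identifies the listener (router certificates are typically self-signed), it does not validate it.

```python
import hashlib
import socket
import ssl
import sys


def probe_port(host, port=443, timeout=3.0):
    """Classify one TCP port and, if it is open, identify a TLS listener on it.

    state is 'open' (connection accepted), 'closed' (connection refused) or
    'filtered' (no usable answer, which Shields UP! reports as "stealth").
    """
    result = {"state": None, "tls_version": None, "cert_sha256": None}
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.gaierror:
        raise                       # bad host name: says nothing about the port
    except ConnectionRefusedError:
        result["state"] = "closed"  # the device answered with a TCP reset
        return result
    except OSError:                 # timeout, or host/network unreachable
        result["state"] = "filtered"
        return result

    result["state"] = "open"
    # Identification only: certificate checks are switched off so that the
    # self-signed certificate of a router admin page can still be fingerprinted.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before setting CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            result["tls_version"] = tls.version()
            der = tls.getpeercert(binary_form=True)
            if der:
                result["cert_sha256"] = hashlib.sha256(der).hexdigest()
    except OSError:
        # ssl.SSLError and socket timeouts are OSError subclasses: the listener
        # is not speaking TLS, or only offers protocol versions this Python
        # build refuses (common on old firmware).
        pass
    finally:
        sock.close()
    return result


def describe(result):
    """Turn a probe_port() result into a one-line finding."""
    if result["state"] != "open":
        return "port is %s: nothing accepted the connection" % result["state"]
    if result["tls_version"] is None:
        return "port is open, but no TLS handshake completed"
    return "port is open, %s, certificate SHA-256 %s" % (
        result["tls_version"], result["cert_sha256"])


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python probe.py <your-own-WAN-address>
    print(describe(probe_port(sys.argv[1])))
```

Comparing the certificate fingerprint with the one the router's own admin page presents on the LAN side tells you whether the listener seen from the WAN is the router itself or a forwarded host.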

  • Problems with Port 5190 to Port 443

    After switching to Port 443 since getting the error message, I can't send or receive any files without getting an error message, any ideas?

    Hi,
    Is this an AIM valid Login (AIM or Apple ID) ?
    Does your routing device allow port 5190 ON UDP (Still) ?
    iChat uses port 5190 on TCP to Login, which can be changed (to 443)
    It also uses port 5190 on UDP to Send files so it needs to be still allowed/opened in the modem or router.
    If you happen to be using 10.5.x then the Firewall (System Preferences > Security) should not have the UDP Block on in the Advanced Button.
    Nor should any routing device.
    8:23 PM Tuesday; April 13, 2010
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"

  • RV110W port 443 always open

    I just bought and set up an RV110W. I noticed while scanning it from the WAN side that it always has port 443 open, even when remote management and VPN access are disabled. Why is this port still open, and how do I close it? Or is this a bug in the firmware? I am using firmware version 1.1.0.9, which is the most up-to-date for this unit. Having open ports allowing unsolicited contact from the WAN side, especially inadvertent ones, is a major security hole.
    I should be able to lock this down with no open ports on the WAN side. Any idea why this unit is doing this? Should I return this device, or is this fixable?

    I've upgraded to 1.2.0.9. The Cisco support site search top link that points to what it claims is the latest firmware displayed 1.1.0.9 as the most up-to-date. You have to notice the left hand column has a higher version number listed. See here.
    Once I did that firmware upgrade, the 443 port appearing open on the WAN side for unsolicited connections went away. The tool I used for probing was just Shields Up!. It's a pretty basic port scanner that probes for acceptance of unsolicited connections from external IP address 4.79.142.202 over a range of ports, typically ports 0-1055.
    I don't buy the "blame it on the modem" explanation, if for no other reason than in this router replacement, the modem wasn't changed and the previous router always showed no ports open for unsolicited connections in the port ranges I probed except when port forwarding was activated. I've not turned on any port forwarding (nor remote WAN-side admin access nor VPN access) on this RV110W for these tests.
    Anyway, for whatever reason, the issue seems to have gone away with this firmware version.
    BTW, the one complaint I have with the RV110W design (or any of its Cisco cousins) is the lack of SMA connectors for the antennas, so one is stuck using the antennas on the unit. My old router had vastly better coverage because I was able to replace its antennas with external antennas which I could use to tailor the shape of the coverage area to the locale. (e.g. D-Link ANT24-0700 omnidirectional antenna, Hawking HAI15SC corner antenna, etc) I hope I don't find I need to put this unit on eBay in a month and replace it with one with detachable antennas just to get adequate coverage in the shape I need.

  • Opening port 443 in MacOSx 10.6.5

    I am running a JBoss server in my Mac OSx 10.6.5. I am changing my iPhone App to access the Web Server thru HTTPS. Earlier the HTTP was working on port 8080. I can see from NETSTAT that the port is listening. But port 443 is not. How do I add this port?

    CopyCatX - CNet Downloads or MacUpdate.
    I don't think there is anything else that will do a bit-copy of the entire hard drive. Otherwise you have to clone OS X separately. Then switch to Windows and use a utility that will clone the Windows volume.

  • Cannot open socket connection on port 443

    Hi!
    Our server is running on Port 443.
    When I try to Connect from the BlackBerry 9300, an exception is thrown "cannot open socket connection on port 443"
    Can any one please help me in finding the solution to enable the port 443.
    Thank you in advance!
    Regards,
    Vinay

    I assume that you have verified that you can login to the ftp site using a regular ftp client (e.g. Fetch) on the Mac?
