Open port 5223 through firewall

I was hoping to get a little assistance in opening a port through our ASA 5510. I need to allow a tcp connection for IP 65.74.157.196 on port 5223 through our firewall to the subnet 10.1.12.0/24.
In the GUI, I created an access rule on our Outside interface with the source of 65.74.157.196 and the destination of 10.1.12.0/24 with the Service set to tcp 5223 and the Action is Permit.
Is there anything else I need to configure?

We are running 8.2.
This is what I have:
ACL
access-list Outside-ISP1_access_in extended permit tcp host RemoteServerIP any 5223
NAT
static (Inside,Outside-ISP1) tcp interface 5223 10.1.12.55 5223 netmask 255.255.255.255
10.1.12.55 is the inside address the remote server needs to communicate with on 5223
I attached an image of the Packet Tracer results.

Similar Messages

  • Open port 5000 through 5005

    Hello Rogue Amoeba support tells me, in order to get the Airfoil Speakers software to function, I must open port 5000 through 5005 on my router (WRT54G). I have scoured the .pdf manual, perused the web support site as well as the present forums. Mostly, I don’t know what much of this stuff means so I may have inadvertently passed up what I need to know. Mainly, I don’t want to screw up the router function as it is working just dandy. For all I know, ports 5000 through 5005 are already open. If anyone can give me some guidance in plain English, I would certainly appreciate it. Thanks.

    Log in to the router set-up page. To do this, open up a web browser ( Internet Explorer , Firefox etc) and type on the address bar your default gateway (if left alone, it is usually 192.168.1.1). Just leave it's username blank, password as a default is admin.
    Go to the Applications and Gaming tab then go to the Port Triggering subtab. Start port is 5000 and end is 5005 for both Triggered and Forwarded range.

  • RDS and Gateway issues: Cannot get remoteapps to run without opening port 3389 on firewall

    I am testing the setup of a small RDweb server to host QuickBooks for some remote sales users (4 users). For the most part, I have everything installed on one virtual server (using 2012r2 "Quick Start" session host deployment with the additional
    Licensing and Gateway server roles added to the same server).
    Everything works excellent with one exception. External clients cannot launch published apps without having port 3389 open on the firewall, even with the gateway role installed and the 'Deployment Properties' set to use the gateway. They can properly connect
    to the RDweb site and view the published apps. The only way it works is open the firewall port (at which time I can disable the gateway or leave it configured and it works either way). Internally, everything works accordingly. I have followed the steps outlined
    on many sites and have combed though the forum here to no avail.
    Error received (summarized but is a well documented error):
    remote desktop can't connect to the remote computer: 1- Your user account is not listed (it actually is) or 2- You might have specified the remote computer in NetBios format . . etc.
    This is an existing SBS 2011 environment with additional virtual servers setup to host QuickBooks as outlined below:
    Current setup:
    Used Quick Start to install Remote Desktop Services in hosted sessions mode
    Installed the additional roles for Licensing and Gateway server on same server
    Configured wild card public certificates on all four services (Connection Broker(2), Web Access and Gateway)
    Configured internal DNS to properly lookup our external FQDN of this server (ex. quickbooks.contoso.com points to quickbooks.contoso.local
    One thing I noticed (just now) when I launch a published app and the firewall has port 3389 closed, a dialog box pops up directly after launching the app that warns about running a RemoteApp program and mentions the Remote Computer and the Gateway Server
    as both the same (which it is); however, I would have assumed one would have listed the internal server's name while, instead, both are listed as the external FQDN. Either way, internal DNS should still allow it to properly route . . no? I don't know . . I'm
    sure I am just missing something in a routing configurations somewhere. The gateway service is not properly looking up the RDweb service and then seeming not routing the encapsulated RDP session through HTTPS. . .. is my guess . .
    I was reading about the "set published name" commandlet; however, I am not experiencing a certificate name mismatch; however, the certificate name does show up as *.contoso.com versus the actual name. I may just be grasping as straws now . . :)

    Ok, while I was in the server and looking over the BPA scans: "The Remote Desktop Gateway (RD Gateway) server Secure Sockets Layer (SSL) certificate may not have a valid certificate subject name." This may be due to it showing up as *.companyname.com
    versus quickbooks.companyname.com. Anyhow. .. on to the list of actions above:
    Changed RD RAP from "Select Active Directory" group to "Allow any network resource" and tested with port 3389 closed on firewall:
    Worked. Initially it did not as I had used a custom shortcut created from earlier; however, after logging into the RDweb site again, the application loaded fine now (after the RD RAP change)
    No error message appeared; however, I did notice that for a split second, the word Error did appear in the browser's tab title, but only very shortly. The app launch does take a bit longer too now (about 10-15 seconds, up from about 4 seconds with the port
    open). This, I could care less about so long as we are properly forwarding the traffic through the gateway.
    As for log entries, I had spend quite a bit of time in there and only had minor issues with loading user profile setting taking too long and policy settings preventing the redirection of USB devices. Looking again, no issues still. Just a bunch of informational
    entries where I would connect before (and disconnect) but only with the port on the firewall open; otherwise, there was not an entry corrolating to when I would receive an error before. Now though, I am connecting after the RD RAP change and logs are showing
    connections even with the port closed. These are in "operational", the "admin" log only shows the update to the RD RAP configuration.
    Yes, the LAN's DNS server does relay the lookup information for my public FQDN as the local LAN address. No need for a local host record.
    I have now added a new rule in our firewall to allow and forward UDP port 3391 traffic to the internal server hosting remote services
    Thank you very much for your assistance on this matter. The RD RAP rule was default built during the creation of this services. Why is the resource not cross-referencing AD security groups? I could have sworn I created a group for that . . .

  • Webmin Port Access through firewall

    OSX 10.8.5
    I just finsihed installing the latest version of Webmin.
    Everything is working fine but I can not figure out how to allow access through the firewall GUI.
    I need to open port 10000. Any suggestions?

    Thanks, I posted there a few months ago, without luck. I think I've finally found something when Googling the versions of each. iChat on Leopard doesn't use newer authentication protocols and Psi would need recompiled to be compatible. If anyone is curious in the modification here you go:
    http://forum.psi-im.org/thread/5091
    For now I'm looking for an alternative Jabber server to use.

  • Opening port 51325 on firewall

    Hello,
    In order to get a fast response when the print properties are asked in Office, port 51325 has to be opened on the firewall. After some research on the web I still can't find any reason why...
    Anyone knows what this port is used for? Are there any security issues?
    Thanks in advance!

    Hello,
    In order to get a fast response when the print properties are asked in Office, port 51325 has to be opened on the firewall. After some research on the web I still can't find any reason why...
    Anyone knows what this port is used for? Are there any security issues?
    Thanks in advance!
    Can you provide information, links, etc., where you got this information that Office requires this specific port number? Also, is the port# you're referring to a TCP or UDP port?
    FYI, TCP & UDP 51325 is part of the dynamic port ranges known as the Service Response Ports, or also known as the Ephemeral Ports. They are ports  that are randomly selected (Windows Vista, Windows 2008 and newer operating systems) between
    TCP & UDP 49152 - 65535. In Windows 2000, 2003 and XP, they were 1024-5000. Windows NT used the whole range.
    The initial port may be an attempt for Office or any other app, that needs access to something else, such as a mapped drive, or sending something to a printer. The initial port may more than likely be an RPC call on TCP 135, but the response from the destination
    host will be a randomly generated ephemeral port. And once the session is closed, the port is dissolved.
    Here are more specifics on ports in an AD environment:
    Active Directory Firewall Ports - Let's Try To Make This Simple (RODC, too)
    Published by acefekay on Nov 1, 2011 at 4:31 PM
    http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx
    Windows Vista, Windows 7, Windows 2008 and Windows 2008 R2 Service Response Ports (ephemeral ports) have changed.
    http://support.microsoft.com/?kbid=929851
    Ace Fekay
    MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
    This post is provided AS-IS with no warranties or guarantees and confers no rights.

  • How do you open port 3283 when firewall is off?

    I've had no success trying to get ARD working on a new Snow Leopard Server 10.6.2 install on an XServe. Can't get it working from the Sharing control panel, and tried all the different syntax options in kickstart here
    http://discussions.apple.com/thread.jspa?threadID=2342445&tstart=15
    and here http://support.apple.com/kb/HT2370
    A port scan shows that port 3283 is closed, but the computer firewall is off, and there is no external firewall. Another 10.6.2 Server works fine on ARD, so it's internal to the first one.
    How can I open that port? Hoping that's the problem.
    Thanking anyone for feedback.

    It's probably a Mac OS X firewall fault, where it's actually holding that port closed even though it claims the firewall is off. I'd suggest you ask in the Mac OS X Server forum; you'll be more likely to get help with this problem there this not being an ARD problem per se.
    This of course presumes that the Xserve isn't behind a router that might be filtering that port. If both Xserver are on the same subnet, that probably won't be the case, but if the problem Xserve is on a different subnet, you might check the router's filter.
    Regards.

  • SCCM 2012 R2 - Ports Required through Firewall

    Hi all,
    currently working on the list of ports which i'll need to wing over to the network guys to open on the firewalls. Here is what i've come up with from my various readings:
    Name
    Port
    TCP/UDP
    Purpose
    ICMP
    Echo requests messages go from site server to clients
    RPC
    135
    TCP
    Site Server > Client | Console > Site Server
    NetBIOS
    139
    TCP
    Client < > Site Server
    HTTP
    80
    TCP
    Client < > Site Server
    HTTPS
    443
    TCP
    Client < > Site Server
    SMB
    445
    TCP
    Site Server > Client Computer
    LDAP
    389
    TCP
    Site Server > Domain Controllers
    RemoteControl
    2701
    TCP
    Site Server > Client
    WSUS
    8530
    TCP
    Client > Site Server
    WSUS
    8531
    TCP
    Client > Site Server
    MSSQL
    1433
    TCP
    Site Server > SQL Server
    SQLBroker
    4022
    TCP
    Site Server > SQL Broker Service
    Client Notificaiton
    10123
    TCP
    Site Server > Client
    WakeUpProxy
    9
    UDP
    Client > Site Server
    WakeUpProxy
    25536
    UDP
    Client > Site Server
    Is there anything glaringly obvious that i've missed? Or anything i've included unnecessarily? There was a good illustration diagram of how the ports worked in 2007 (http://technet.microsoft.com/en-gb/library/bb632618.aspx) but couldn't seem to find
    an equivilant for 2012 R2.
    Thanks for the help

    Hi,
    To add to that the ports for PXE is missing as well if you are going to use it. Have a look at this great excel spreadsheet where you can add a servername a roles in excel and it will give you what ports needs to be opened.. great help.
    https://sccmguru.wordpress.com/2012/11/09/configuration-manager-2012-port-information-and-spreadsheet/
    Regards,
    Jörgen
    -- My System Center blog ccmexec.com -- Twitter
    @ccmexec

  • Firefox website does not open although allowed through firewall window 7 and access to other websites possible

    Reinstalle Firefox but still no access.

    Do you mean that you can't any website or that you only can't access a specific website?
    Clear the cache and the cookies from sites that cause problems.
    "Clear the Cache":
    * Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"
    "Remove Cookies" from sites causing problems:
    * Tools > Options > Privacy > Cookies: "Show Cookies"
    *http://kb.mozillazine.org/Error_loading_websites

  • Opening of TCP/IP Port 53 in Firewall

    Hi ,
    I checked few SharePoint blogs which say for SharePoint 2013 need to open Port 53 in Firewall for "User Profile Synchronization Service(FIM)" to
    DNS server.
    - What user profile sync is been done between SP server and DNS server. isn't the user profile sync is from AD server ?
    pl see the link http://technet.microsoft.com/en-us/library/cc262849.aspx
    Thanks 
    Hari
    Hari

    thanks guys.
    My SP farm is in could and AD & DNS are in different cloud zone, hence firewall is in between.
    I am SP guy no much knowledge of firewall, DNS & AD. The cloud infra team has rejected the request to open port 53 to DNS server reason " This rule cannot be allowed
    as it will also cause functional issues for the Cloud VMs. Cloud VMs depends on Cloud internal DNS services to function. One method may be to consider if another AD/ DNS can be configured within G-Cloud as a VM. We apologize as we are unable to advise a solution,
    and even this needs to be submitted in this Pre-Qualification form for approval. Please note that Cloud VMs must not directly join the remote domain as this will cause the required DNS records to be missing."
    So I still this FIM to connect to AD-DS server or DNS server to fetch user information. 
    Thanks
    hari
    Hari

  • Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Hi the_mad_movies,
    It seems like this article will be the best option for addressing this issue:
    Error 3194, Error 17, or "This device isn't eligible for the requested build"
    http://support.apple.com/kb/ts4451
    Thanks for coming to the Apple Support Communities!
    Cheers,
    Braden

  • Not able to access ports through firewall

    I'm setting up our new server, and we want to run a Quark license server through port 1028.
    In the Server Admin, under Firewall->Services->Settings, I set up a service for the license server on port 1028 using TCP and UDP protocols. It's allowed for any traffic.
    under Firewall->Advanced->, I set up a rule to:
    Allow all Quark services
    Source: any port 1028
    Destitnation: any port 1028 interface IN
    when I scan the open ports onthe server, I don't get a reponse from this port, or any ports. I've tried turning the firewall off completely, and it still doesn't show in the port scan.
    The only major change we're made to this server is that we're running bonded Ethernet on the 2 ports. Could this be stopping the ports from getting through?
    I've checked with IT, and they've (supposedly) verified that there aren't any blocked ports on our switch. The old license server runs fine on port 1028, and it's on the same switch.
      Mac OS X (10.4.7)  

    You are running a firewall on a non public server?
    Usually source and destination are not the using the same port number.
    Source is usually chosen from a range of high port numbers.
    Nevertheless if the QLA server isn't running on the server you woun't get an indication when portscanning the server (try portscanning on the server and use either localhost/127.0.0.1 or the "real" bonded interface IP).
    To my knowledge a switch can't block portnumbers but for a bonded interface the switch needs LACP capability for the trunk. There could also be different VLANs and routing.

  • Firewall in 10.5, how to open ports and how to manage?

    I am pulling my hair out with the new firewall in 10.5. In 10.4 I could just set ports as I liked in the control panel, in 10.5 there is no such thing.
    I need to for example open port 49999 to allow PageSender to function in my network.
    I need to open port 5901 to work with JollyFast VNC, as port 5900 is used by Apple Remote Desktop and the conflict if they both use the same port.
    Some of these ports I need permanent open like 59999 and others for one session and than close again, like 5901. Again in 10.4 I made the rule in the pref pane, ticked the box and Bob was your uncle. Now?
    I would like to be able to see what ports are open and active on the machine. I have no idea as to where I could see this.
    And at the same time I would like to keep the firewall as closed as possible as I am often on line in hotels etc.
    So I need help, is there a manual somewhere someone is aware of? Or do you have any answers?

    The new Application Firewall does not work in the same way as IPFW (the main firewall in 10.4).
    Instead of managing ports, it simply controls the access of applications to any port. Thus, if you want PageSender to receive connections, you simply need to switch the firewall to "Set access for specific services and applications", and then add PageSender to the list, with "Allow incoming connections". When you do this, PageSender will be able to receive connections on any port that it needs to.
    If you don't like this method of controlling connections, you can still use IPFW. Apple has removed the GUI, but you can download a GUI application like [NoobProof|http://www.hanynet.com/noobproof> or [WaterRoof|http://www.hanynet.com/waterroof/index.html], and you can then set access for specific ports.
    There are no problems with using both IPFW and Application Firewall.
    Cheers,
    Rodney

  • HT3576 how can i verify that the network or firewall is not blocking access to port 5223.

    how can i verify that the network or firewall is not blocking access to port 5223?

    Talk to someone who knows something about networking and/or firewalls on an appropriate forum.
    Configuring your network and/or firewall is beyond the scope of this forum, which is devoted to issues using the iPhone.

  • HT3576 How do you, verify that the network or firewall is not blocking access to port 5223.

    How do you, verify that the network or firewall is not blocking access to port 5223.

    Maybe:
    http://answers.yahoo.com/question/index?qid=20110606132954AAZH4Tc
    http://forum1.netgear.com/showthread.php?t=48533

  • I need to open specific ports in the firewall - how do you do that?

    Hi There,
    I'm trying to setup a web development server on a spare mac mini but I can't figure out how to open ports for the MySQL server under Snow Leopard.
    Is there a way to do this? I've set the firewall to allow MAMP to open ports whenever it needs to but when I do a port scan of the Mac mini the MySQL port doesn't show up - SSH, HTTP and VNC do however.
    I'm happy to configure it via the Terminal but I can't find any info on how to do this in Snow Leopard as I think it's different from Leopard (based on what I've found online).
    e.g.
    $ ipfw show
    Gives me an error:
    "ipfw: socket: Operation not permitted"
    Any help would be much appreciated
    Cheers
    Ben

    After digging around it looks like Snow Leopard doesn't use ipfw for opening ports.
    Does anyone know how to open ports in Snow Leopard? Apple don't seem to have any info on this - besides the allow incoming connections for certain applications.
    Will try WaterRoof and see what happens.
    Cheers
    Ben
    Message was edited by: Ben Sciascia

Maybe you are looking for