Opening port on a 5585 firewall

New to firewalls, trying to open a port on a firewall to allow communication from source a.b.c.d port x to destination server e.f.g.h port y
Would appreciate any help regarding syntax

Hello,
First of all you need the NAT rule and afterwards you can focus on the ACL.
ACL would be like
access-list Outside_In permit tcp host a.b.c.d host e.f.g.y eq 80
access-group Outside_In in interface outside
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com

Similar Messages

  • IBCM SCCM 2012 r2 DO WE HAVE TO OPEN PORT 8531 IN EXTERNAL firewall

    Hi All
    IBCM SCCM 2012 r2 DO WE HAVE TO OPEN PORT 8531 IN EXTERNAL firewall for our site system in DMZ with role MP, SUP & DP

    I agree, for IBCM you need SSL.
    But as far as I know your Update Point isn't forced to run on SSL (8531) unless you tick your Update point with "Require SSL" within your update point configuration - which of course is the ideal configuration.
    And if that's the case it's running 8530.
    That's true, but for IBCM, as Peter pointed out HTTPS is required. Thus, if you don't configure your WSUS instance to run using SSL, I doubt that it will work simply because the client agent will be "smart" enough to see that you don't have an SSL capable WSUS instance and thus won't configure the WUA to use the non-SSL WSUS instance. I can't say I've tested this though, so it's possible that it works, but I doubt it.
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • Open port 21 for ftp in mac osx server 10.6

    Hello
    I want to open port 21. The firewall in the Mac server is already off. The FTP server is enabled on this Mac server. The NAT in the router is set accordingly to the internal IP of this Mac computer (OS X Server 10.6). However, whenever I try http://www.t1shopper.com/tools/port-scan/ to check whether port 21 is open or not, it still says that the port is closed.
    Any idea?
    Thanks a lot

    Well, if you're trying to connect to the host without an active network port, you could try connecting with localhost or 107.0.0.1. You could also try deleting the ethernet interface and re-adding it, and/or hard coding the ethernet interface to a static IP.

  • Firewall in 10.5, how to open ports and how to manage?

    I am pulling my hair out with the new firewall in 10.5. In 10.4 I could just set ports as I liked in the control panel, in 10.5 there is no such thing.
    I need to for example open port 49999 to allow PageSender to function in my network.
    I need to open port 5901 to work with JollyFast VNC, as port 5900 is used by Apple Remote Desktop and they conflict if they both use the same port.
    Some of these ports I need permanently open like 59999 and others for one session and then closed again, like 5901. Again in 10.4 I made the rule in the pref pane, ticked the box and Bob was your uncle. Now?
    I would like to be able to see what ports are open and active on the machine. I have no idea as to where I could see this.
    And at the same time I would like to keep the firewall as closed as possible as I am often on line in hotels etc.
    So I need help, is there a manual somewhere someone is aware of? Or do you have any answers?

    The new Application Firewall does not work in the same way as IPFW (the main firewall in 10.4).
    Instead of managing ports, it simply controls the access of applications to any port. Thus, if you want PageSender to receive connections, you simply need to switch the firewall to "Set access for specific services and applications", and then add PageSender to the list, with "Allow incoming connections". When you do this, PageSender will be able to receive connections on any port that it needs to.
    If you don't like this method of controlling connections, you can still use IPFW. Apple has removed the GUI, but you can download a GUI application like [NoobProof|http://www.hanynet.com/noobproof] or [WaterRoof|http://www.hanynet.com/waterroof/index.html], and you can then set access for specific ports.
    There are no problems with using both IPFW and Application Firewall.
    Cheers,
    Rodney

  • Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Can't update iOS 8 on my iPhone5 through iTunes on Windows 8 (error 3004, 3194). Updated host file, opened port 80, 443; turned off security system and firewall, etc. But nothing works. How to solve this problem?

    Hi the_mad_movies,
    It seems like this article will be the best option for addressing this issue:
    Error 3194, Error 17, or "This device isn't eligible for the requested build"
    http://support.apple.com/kb/ts4451
    Thanks for coming to the Apple Support Communities!
    Cheers,
    Braden

  • RDS and Gateway issues: Cannot get remoteapps to run without opening port 3389 on firewall

    I am testing the setup of a small RDweb server to host QuickBooks for some remote sales users (4 users). For the most part, I have everything installed on one virtual server (using 2012r2 "Quick Start" session host deployment with the additional Licensing and Gateway server roles added to the same server).
    Everything works excellent with one exception. External clients cannot launch published apps without having port 3389 open on the firewall, even with the gateway role installed and the 'Deployment Properties' set to use the gateway. They can properly connect to the RDweb site and view the published apps. The only way it works is to open the firewall port (at which time I can disable the gateway or leave it configured and it works either way). Internally, everything works accordingly. I have followed the steps outlined on many sites and have combed through the forum here to no avail.
    Error received (summarized but is a well documented error):
    remote desktop can't connect to the remote computer: 1- Your user account is not listed (it actually is) or 2- You might have specified the remote computer in NetBios format . . etc.
    This is an existing SBS 2011 environment with additional virtual servers setup to host QuickBooks as outlined below:
    Current setup:
    Used Quick Start to install Remote Desktop Services in hosted sessions mode
    Installed the additional roles for Licensing and Gateway server on same server
    Configured wild card public certificates on all four services (Connection Broker(2), Web Access and Gateway)
    Configured internal DNS to properly look up our external FQDN of this server (ex. quickbooks.contoso.com points to quickbooks.contoso.local)
    One thing I noticed (just now) when I launch a published app and the firewall has port 3389 closed, a dialog box pops up directly after launching the app that warns about running a RemoteApp program and mentions the Remote Computer and the Gateway Server as both the same (which it is); however, I would have assumed one would have listed the internal server's name while, instead, both are listed as the external FQDN. Either way, internal DNS should still allow it to properly route . . no? I don't know . . I'm sure I am just missing something in a routing configuration somewhere. The gateway service is not properly looking up the RDweb service and then seemingly not routing the encapsulated RDP session through HTTPS. . .. is my guess . .
    I was reading about the "set published name" commandlet; however, I am not experiencing a certificate name mismatch; however, the certificate name does show up as *.contoso.com versus the actual name. I may just be grasping at straws now . . :)

    Ok, while I was in the server and looking over the BPA scans: "The Remote Desktop Gateway (RD Gateway) server Secure Sockets Layer (SSL) certificate may not have a valid certificate subject name." This may be due to it showing up as *.companyname.com versus quickbooks.companyname.com. Anyhow. .. on to the list of actions above:
    Changed RD RAP from "Select Active Directory" group to "Allow any network resource" and tested with port 3389 closed on firewall:
    Worked. Initially it did not as I had used a custom shortcut created from earlier; however, after logging into the RDweb site again, the application loaded fine now (after the RD RAP change)
    No error message appeared; however, I did notice that for a split second, the word Error did appear in the browser's tab title, but only very shortly. The app launch does take a bit longer too now (about 10-15 seconds, up from about 4 seconds with the port open). This, I could care less about so long as we are properly forwarding the traffic through the gateway.
    As for log entries, I had spent quite a bit of time in there and only had minor issues with loading user profile settings taking too long and policy settings preventing the redirection of USB devices. Looking again, no issues still. Just a bunch of informational entries where I would connect before (and disconnect) but only with the port on the firewall open; otherwise, there was not an entry correlating to when I would receive an error before. Now though, I am connecting after the RD RAP change and logs are showing connections even with the port closed. These are in "operational", the "admin" log only shows the update to the RD RAP configuration.
    Yes, the LAN's DNS server does relay the lookup information for my public FQDN as the local LAN address. No need for a local host record.
    I have now added a new rule in our firewall to allow and forward UDP port 3391 traffic to the internal server hosting remote services
    Thank you very much for your assistance on this matter. The RD RAP rule was default built during the creation of this services. Why is the resource not cross-referencing AD security groups? I could have sworn I created a group for that . . .

  • Can I open a port range in the firewall for one host?

    Can I open a port range in the firewall for one host?  In other words, I want to be able to open ports 54001 to 54050 to allow one remote host in my LAN to access that port range in my Mac Server.  Is this possible?  Currently, the only option I see is to open individual ports for all external hosts (eg http or https)
    Thanks in advance!

    Which version of OS X Server are you using?
    Server 2.2 and earlier includes an interface to a software firewall that can be configured to open specific ports very easily. Descriptions of how to configure the firewall can be found in the documentation for these versions.
    Server 3.x no longer has an interface to the software firewall - it is still there, but you need to use other methods to configure it.  A popular example of such a method is the icefloor utility.
    Apple suggests that for Server 3 you delegate firewall duties to an external router.  Server 3 includes the ability to configure the firewall component of Apple Airport routers 'automatically'. If you connect a machine running Server 3 directly to an Airport Router, the router appears in the LH pane in the Server.app window (usually second line, below the entry for the server itself), and you can control what services are 'enabled' through the firewall there.
    A more common solution perhaps is to use a non-Apple router, and configure the firewall (and so open specific ports) through whatever control interface is provided for that router.  There are many many kinds of hardware router you could use, and the control interfaces used vary widely - so you will have to consult the documentation for your own router to work out how to do this.
    If you post information about your software versions, and hardware configuration, it is possible that you can get more specific help with the tasks involved in opening the ports.
    Hope this helps.

  • How to check whether a remote port is open or closed by a firewall

    Hi,
    Need to check whether a remote port is open or closed by a firewall. Can I use the Java Socket class to do that?
    Is there any proper way?

    In general, there is no way to determine anything about the status of a firewall from the outside (unless you know one is running and you want to verify it's functioning correctly).
    When trying to connect to a socket, you might get a time-out, which means either the firewall is silently dropping packets or the server is down or too busy or that there is a network problem. Or your connection might be refused, which means either the firewall has denied your request or the server isn't listening on the port you specified.
    In most cases, you should only be interested in successful connections and not try to guess too much as to the cause of unsuccessful ones.
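
The outcomes this answer distinguishes, as an added example (not code from the original thread): a Java probe that makes one TCP connect attempt and maps the exception type to what it can and cannot tell you. The names `PortProbe`, `Result` and `explain` and the loopback listener used as a constructed test target are assumptions made for the demonstration.

```java
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.NoRouteToHostException;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketTimeoutException;

// Added example: PortProbe, Result and explain() are illustrative names.
public class PortProbe {
    enum Result { CONNECTED, REFUSED, TIMED_OUT, UNREACHABLE, OTHER_ERROR }

    // One TCP connect attempt with an explicit timeout, classified by outcome.
    static Result probe(String host, int port, int timeoutMillis) {
        try (Socket socket = new Socket()) {
            socket.connect(new InetSocketAddress(host, port), timeoutMillis);
            return Result.CONNECTED;
        } catch (SocketTimeoutException e) {
            return Result.TIMED_OUT;      // no answer within timeoutMillis
        } catch (NoRouteToHostException e) {
            return Result.UNREACHABLE;    // host or network reported unreachable
        } catch (ConnectException e) {
            return Result.REFUSED;        // typically a TCP reset came back
        } catch (IOException e) {
            return Result.OTHER_ERROR;    // e.g. the host name did not resolve
        }
    }

    // What each outcome does and does not say, following the answer above.
    static String explain(Result r) {
        switch (r) {
            case CONNECTED:
                return "path is open and something is listening";
            case REFUSED:
                return "firewall denied the request, or nothing listens on that port";
            case TIMED_OUT:
                return "firewall silently dropped it, server down or busy, or network problem";
            case UNREACHABLE:
                return "an intervening firewall or a router that is down";
            default:
                return "failed before the attempt could be classified";
        }
    }

    public static void main(String[] args) throws IOException {
        InetAddress loopback = InetAddress.getLoopbackAddress();
        String host = loopback.getHostAddress();
        int port;
        // Constructed test target: a listener on an ephemeral loopback port.
        try (ServerSocket listener = new ServerSocket(0, 1, loopback)) {
            port = listener.getLocalPort();
            Result open = probe(host, port, 2000);
            System.out.println(port + " while listening: " + open + " - " + explain(open));
        }
        // The listener is closed now, so the same port should refuse the connection.
        Result closed = probe(host, port, 2000);
        System.out.println(port + " after close: " + closed + " - " + explain(closed));
    }
}
```

Only `CONNECTED` is unambiguous; every other result names a set of possible causes, which is why the firewall's own logs are the place to confirm a deny.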

  • RMI firewall issue - opening port 1099 is not enough

    Hello,
    We have a distributed java desktop app that uses RMI with callbacks to communicate amongst the clients. It all works really well at our dev site and at 2 trial sites.
    We are about to deploy out to more customer sites - so I have been doing more testing with firewalls etc and discovered some issues. Our customers are small businesses and typically have between 1 and 10 desktop clients that connect to the server via RMI. These customers are "very NOT technical", so we need to give them set-and-forget firewalls etc.
    This is all on a LAN, with RMI using port 1099. On the firewalls (of the various PCs) we open ports 1099 (RMI) and 5432 (for the Postgres DB).
    Also, I was using "CurrPorts" and "SmartSniff" to monitor the traffic at each PC - so I had a reasonable view of proceedings.
    Basically, opening port 1099 on the server is necessary, but it is NOT ENOUGH. The RMI moves off to ports other than 1099, and the server firewall does not allow the connection.
    Procedure ...
    (1) start the "server" app - which starts the RMI registry - the "localhost" desktop app also starts and it works well to both the database and the RMI.
    (2) start another client - it connects to the DB Server, but NOT the RMI server.
    (3) open the server firewall to all traffic for a few seconds - then the client connects successfully.
    From CurrPort logging I could watch the RMI comms progress over those first few minutes ...
    Initially the comms do include port 1099 on the initial call to the server, but there after there are always 2 or 3 "channels" open, but not to 1099.
    I notice that the Postgres DB keeps using port 5432 for all of its active channels - so it does not have the same firewall issue.
    After we have opened the firewall for a few seconds - to enable the link - then we can turn the client on and off and the client re-connects without issue - so it would seem to be only an issue with the initial connection.
    I am sure that this is all completely standard and correct RMI behavior.
    QUESTIONS:
    1. Can RMI be "forced" to always use port 1099 for connections, and not move to other ports? (like the database uses 5432)
    2. Are there any suggestions for getting around this seemingly standard RMI behaviour?
    Other comments ...
    The firewall lets me open individual ports (say 1099) - BUT I can not justify opening ALL ports.
    The firewall lets me open all ports to an application, say "C:\Program Files\Java\jre6\bin\java.exe", but that app will occasionally change at a customer's site as they will update their java version and suddenly our app will stop working.
    Any guidance is appreciated.
    Many Thanks,
    -Damian

    "1. Can RMI be "forced" to always use port 1099 for connections"
    Yes. Export all your servers on the same port. See UnicastRemoteObject constructor that takes an int, or UnicastRemoteObject.exportObject(int). If the RMI Registry is a separate process you can't re-use 1099 for this purpose, but see below.
    "2. Are there any suggestions for getting around this seemingly standard RMI behaviour?"
    Yes. Start the RMI Registry in the same JVM as the code, then you only need to use 1099 for everything.
    If you are using server socket factories, make sure they have an equals() method, or use the same instance for all remote objects.
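
The single-port setup this answer describes, as an added example (not code from the original thread): the registry is created inside the server JVM on 1099 and the remote object is exported on the same port, so one firewall rule covers both. The `Greeter` interface, the `greeter` binding name and the in-process client call are assumptions made for the demonstration.

```java
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;

// Added example: class, interface and binding names are illustrative.
public class SinglePortRmiServer {
    static final int PORT = 1099;

    public interface Greeter extends Remote {
        String greet(String name) throws RemoteException;
    }

    static class GreeterImpl implements Greeter {
        @Override
        public String greet(String name) {
            return "hello " + name;
        }
    }

    public static void main(String[] args) throws Exception {
        // Registry runs in this JVM, so it can share its port with exported objects.
        // A registry started as a separate process would already own 1099.
        Registry registry = LocateRegistry.createRegistry(PORT);

        // Passing an explicit port instead of 0 stops RMI from picking an
        // anonymous port that the firewall would have to allow as well.
        GreeterImpl impl = new GreeterImpl();
        Greeter stub = (Greeter) UnicastRemoteObject.exportObject(impl, PORT);
        registry.rebind("greeter", stub);

        // The stub's string form includes the endpoint it will connect to;
        // check that it shows port 1099 before writing the firewall rule.
        System.out.println("exported stub: " + stub);

        // Client side of the exchange, run in-process for the demonstration:
        // both the lookup and the method call go to port 1099.
        Registry remoteRegistry = LocateRegistry.getRegistry("localhost", PORT);
        Greeter remote = (Greeter) remoteRegistry.lookup("greeter");
        System.out.println(remote.greet("client"));

        // Unexport so the JVM can exit; a real server would keep running.
        UnicastRemoteObject.unexportObject(impl, true);
        UnicastRemoteObject.unexportObject(registry, true);
    }
}
```

Callback objects that clients export listen on the client machine, so the same explicit-port export applies there if client firewalls are closed by default.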

  • How do you open a port in OSX's firewall?

    Hello,
    I'm trying to figure out how to open a port in OSX's firewall. I'm trying to use Bits on Wheels or BitTorrent to download shows from Revision3.com (they distribute their shows via BitTorrent). I'm not getting very much speed in downloading my files, which typically means that I'm not uploading as fast as I should. I searched this problem and everything I've read says that I need to open a range of ports in my firewall.
    I have a DSL connection which does not use a router, just a direct connection to a DSL modem. Therefore I'm only using the software firewall from MacOSX 10.4.10.
    So how does one open a range of ports?
    Thanks,
    Jeff

    system prefs-->sharing--> firewall tab.
    click 'New'
    Port name other
    tcp port numbers 6881-6889
    description Bittorrent

  • Mac OS X Leopard Firewall/default open ports rpcbind?

    Hi,
    I'm looking into hardening/securing Mac OS X Leopard and noticed that port 111 rpcbind is open. Is rpcbind open by default? What are Leopard's default open ports on a fresh install?
    Also is there any way to run openbsd/freebsd PF firewall?
    Thanks!

    This is what nmap reports:
    Starting Nmap 4.76 ( http://nmap.org ) at 2009-03-02 12:28 EST
    Warning: Unable to open interface vmnet8 -- skipping it.
    Warning: Unable to open interface vmnet1 -- skipping it.
    Interesting ports on localhost (127.0.0.1):
    Not shown: 993 closed ports
    PORT STATE SERVICE
    111/tcp open rpcbind
    631/tcp open ipp
    1021/tcp open unknown
    1022/tcp open unknown
    1023/tcp open netvenuechat
    2049/tcp open nfs
    49152/tcp open unknown
    Nmap done: 1 IP address (1 host up) scanned in 10.55 seconds
    netstat -a | grep LISTEN confirms:
    tcp6 0 0 localhost.ipp . LISTEN
    tcp4 0 0 *.49152 . LISTEN
    tcp4 0 0 *.1021 . LISTEN
    tcp4 0 0 *.1022 . LISTEN
    tcp4 0 0 *.sunrpc . LISTEN
    tcp4 0 0 *.nfsd . LISTEN
    tcp4 0 0 *.1023 . LISTEN
    tcp4 0 0 localhost.ipp . LISTEN
    tcp6 0 0 localhost.ipp . LISTEN
    Not too sure what netvenuechat is and I have no idea why NFS is open/running. I'm not connecting to any NFS shares. How do I lock everything down?
    Any suggested IPFW rules?
    Here is what 'ipfw show' returns:
    3300 36 2160 deny icmp from any to me in icmptypes 8
    65535 866558 351141790 allow ip from any to any
    Thanks,
    Juan

  • Opening port in Firewall with Script instead of ServerAdmin?

    Hi,
    I tried to google this but didn't find good leads. What is the way to open ports in the OS X Server 10.5 Software Firewall by using a shellscript instead of the GUI ServerAdmin tool?
    thanks a lot
    simon

    At the most basic level:
    #!/bin/bash
    HOST_IP="123.123.123.123"
    /sbin/ipfw -f add 30000 allow tcp from $HOST_IP to any dst-port 20-21
    This would add a single rule, assigned to rule number 30000. It opens ports 20 and 21 for the specified IP. After installing this rule via script there are various things that will cause your firewall to be flushed and the rule will be lost. For example, just poking around in ServerAdmin can cause an unintentional flush and reloading of the firewall rules - you'll need a way to run your script again when it happens.
    Check the man page and google for info on ipfw.
    David
    Message was edited by: DavidWil

  • Opening port in Firewall to allow media sharing with PS3

    What I'm trying to do: Stream media from my G5 to my PlayStation3 using Nullriver's Media Link.
    It would not work and I've determined that it's the Firewall that's the problem. I've read elsewhere that the firewall in my router (Airport extreme) will suffice and that the G5's firewall is redundant. Even if that is true I'm still puzzled as to why I couldn't open a hole in the firewall.
    I turned on Firewall Logging under advanced in the sharing preference panel, then told the PS3 to search for media servers.
    Looking at the ipfw log in Console tells me "...ipfw: 12190 Deny TCP 10.0.1.5..."
    So 12190 must be the port that needs to be open for things to work, right?
    Here's where I must be goofing up... I go to system preferences>>Sharing>>Firewall.
    Then click "New." From the Port Name pop-up, I select Other and then name the hole I intend to open.
    Then in the field "TCP Port Number(s)" I enter 12190.
    My new item now appears in the list on the firewall pane with a check next to it and when the mouse hovers over the item the tag that pops up tells me that all network traffic on port 12190 is being let through.
    Meanwhile in the background, Console reports every minute that the PS3 is being denied access at that port!
    I tried restarting the system.
    It would be nice to know if it is indeed true that the firewall in OSX is redundant.
    But more puzzling is why I can't get this port to open.
    Thanks!

    Still no luck.
    Tried deleting that pref file. Reboot. Created new port opening as before. Still shows the same symptoms.
    Tried WaterRoof. When I call up the static rules, it shows the port in question.
    "allow tcp from any to any dst-port 12190"
    I selected it in the list, clicked the button to edit it, changed nothing, then clicked apply. (I did this in case maybe WaterRoof needed to "nudge" things to get them to work right.) After this, I was unable to change any settings on the Firewall using System Preferences.
    Maybe I'm not using WaterRoof right.
    Strange that when I used Terminal as you suggested, it shows a firewall deny at 12190, but WaterRoof says the rule is to allow.
    Could there be something wonky going on with the Airport Extreme?
    To my non-network savvy brain that doesn't make sense but I bring it up since it's the only other device involved.
    If I turn off the firewall on my G5 using System Preferences then everything works fine. Would the Airport "know" what the firewall on my computer was doing?
    It's my understanding that the Airport Extreme's firewall protects the network from outside traffic, not that it would protect devices on the network from each other.
    I was going to try opening a port on the Airport, but the fields in the Airport Utility are more complicated than those in System Preferences. Figured I should wait before I did anything stupid.
    The next thing I'll try is running MediaLink on my wife's Intel iMac. She's running 10.4.11, too, but if I can open a port on her machine, that will narrow things down. Will report back tomorrow.
    Thanks.

  • The access to our new chess hall may be blocked by your local firewall. You would need to reconfigure your firewall to open port 15010 for TCP traffic.

    How do I do the following so I can get into my chess program??
    The access to our new chess hall may be blocked by your
    local firewall. You would need to reconfigure your firewall to open port 15010
    for TCP traffic.

    This is not really Firefox related.
    What you need to do here is to read the firewall manual which usually explains how to create a rule for what you want to do.
    If you're using the Windows XP firewall, see this Microsoft article: http://windows.microsoft.com/en-US/windows-vista/Firewall-frequently-asked-questions

  • Open port 5223 through firewall

    I was hoping to get a little assistance in opening a port through our ASA 5510. I need to allow a tcp connection for IP 65.74.157.196 on port 5223 through our firewall to the subnet 10.1.12.0/24.
    In the GUI, I created an access rule on our Outside interface with the source of 65.74.157.196 and the destination of 10.1.12.0/24 with the Service set to tcp 5223 and the Action is Permit.
    Is there anything else I need to configure?

    We are running 8.2.
    This is what I have:
    ACL
    access-list Outside-ISP1_access_in extended permit tcp host RemoteServerIP any eq 5223
    NAT
    static (Inside,Outside-ISP1) tcp interface 5223 10.1.12.55 5223 netmask 255.255.255.255
    10.1.12.55 is the inside address the remote server needs to communicate with on 5223
    I attached an image of the Packet Tracer results.
