TCP/UDP ports between Cisco PI 2.0 and WLC5508

Similar Messages

• QOS Network Planning - TCP/UDP Ports used in CWMS 2.5 MDC deployment

  Does anyone know if there is documentation that describes the WAN traffic in CWMS 2.5 MDC?  I'm looking for the TCP/UDP ports that must be prioritized on the WAN to properly class our traffic between the two data centers.  I can't find any such document.  
  Thanks,
  Matt 

  HI Matt,
  All the network requirements are listed in the CWMS 2.5 Planning Guide in Networking Checklist: http://www.cisco.com/c/en/us/td/docs/collaboration/CWMS/2_5/Planning_Guide/Planning_Guide/Planning_Guide_chapter_0100.html
  I hope this is what you are looking for.
  -Dejan

• TCP/UDP Port Utilization question for CCX 8.5

  Greetings,
  I have gone through the CCX 8.5 TCP/UDP port utilization guide.
  http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/crs/express_8_5/configuration/guide/uccx851pug.pdf
  I always do this as a matter of practice and I had a question concerning Java RMI ports. In the guide there is an ephemeral range TCP:32768-61000 that is used for Java RMI. Based on the context clues in the footnote this is an intra-cluster communication between processes running on CCX. This jives with ACLs I have built for previous versions.
  The hang up I have is that Table 1 (page 6) of the guide shows that one of the remote devices is "Editor". I take this to mean CRS Editor, which can run on a desktop in the environment. I want to keep the ACL as trim as possible, so I don't want to open up the TCP ephemeral range unnecessarily. So, I guess my question is:
  When that document refers to "Editor" do they mean that the CRS Editor is communicating using the referenced ports? Or is there a server-side process called Editor listening on those ports. The shift in how I apparently have to account for RMI is causing me to question.
  Thanks in advance,
  Bill

  I followed the port guide, but am still having issues connecting to the editor from my workstation with my access-list in place.
  When I remove the ACL the editor connects and I can do reactive debugging. The ACL breaks this.
  Followed this
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/crs/express_9_02/configuration/guide/UCCX_BK_P89325D5_00_port-utilization-guide-uccx-902.pdf
  Does anyone have a sample acl that works?

• What TCP/UDP ports need to be open for VPN Client version 4.8?

  What TCP/UDP ports need to be open for Cisco VPN Client version 4.8 to work?
  Thanks,

  Normally, you need the following ports and protocol :
  UDP 500
  UDP 4500
  ESP
  In case, you are using IPSec over TCP you have to open, TCP port 10000 or any other port you want to use for IPSec connections (Its configurable).
  -Kanishka

• CTC TCP/UDP Ports numbers

  Does anyone know the TCP/UDP Port numbers that have to be opened up when using NAT, this is what I have:
  CTC PC >>>>>>>>>>> ROUTER >>>>>>>>>>>ONS15454
  The CTC PC and the ONS are on different IP Networks so I'm the router to translate from one to the other with NAT, configured the ONS15454 to use Socks.
  I used to have a document that explained this but I've lost it.
  THanks
  Chris

  Hi Chris.
  I see you already have provisioned the node for SOCKS Proxy.  If you want to be able to still have IP connectivity (for ping or telnet) to the ENE's, then enable the SOCKS Proxy Only option.  The SOCKS Proxy needs to be provisioned on the LAN connected 15454 at the very least.  You can also go to the CTC drop down menu:  Edit -> Preferences -> Firewall and change the port from being variable to static default.  That will further restrict the ports that are used by CTC.  This should resolve any intermittent connectivity issues in CTC if it is being caused by a firewall.
  www.cisco.com/en/US/docs/optical/15000r9_1/15454/sonet/reference/guide/454a91_nwconnectivity.html#wp42216
  "If  you launch CTC against a node through a Network Address Translation  (NAT) or Port Address Translation (PAT) router and that node does not  have proxy enabled, your CTC session starts and initially appears to be  fine. However, CTC never receives alarm updates and disconnects and  reconnects every two minutes. If the proxy is accidentally disabled, it  is still possible to enable the proxy during a reconnect cycle and  recover your ability to manage the node, even through a NAT/PAT  firewall."
  Lastly, to answer your question directly below is a link to the list:
  www.cisco.com/en/US/docs/optical/15000r9_1/15454/sonet/reference/guide/454a91_nwconnectivity.html#wp59962
  Table 14-6 Ports Used by the TCC2/TCC2P
  Thanks,
  Will

• TCP/UDP Ports and site used by FEP to download updates - needed to allow on perimeter firewall

  Can some one point me with information like what TCP/UDP ports are utilized by FEP and what DNS / site Name it uses to download FEP Updates. This is needed to tighten perimeter FireWall policies
  Thank you

  It should be the same as the documentation for all Software Updates:
  https://technet.microsoft.com/en-us/library/bcf8ed65-3bea-4bec-8bc5-22d9e54f5a6d#BKMK_ConfigureFirewalls
  Make sure to expand the "restrict access to specific domains" section to see the update related URLs.

• Should I block TCP/UDP ports 135 to 139 on my router?

  For the sake of Internet and Desktop security should I block TCP/UDP ports 135 to 139 both ways at all times on my router?  This seems to be recommended for Windows environments. Does Mavericks need these ports for its proper operation?  When tested, ports 135, 137,18 show as closed whereas all other ports are Stealth.  Ideally, they should all be Stealth.

  Have a read here: http://securityspread.com/2013/07/26/firewall/
  Stealth is just as good as closed, some would argue that stealth is just as much of a giveaway of the port being present as it being closed.
  The specific ports you mention pose no risk to OS X as far as I am aware.

• Which TCP/UDP ports need to be opened on a firewall for adobe reader and flashplayer?

  Which TCP/UDP ports need to be opened on a firewall for adobe reader and flashplaer to operate properly? This would include updating, linking, and any subset of features.

  The Acrobat Family uses TCP HTTP/HTTPS for all traffic. The following processes and ports may be active on a Windows client machine:
  AdobeARM.exe - automatic updates - port 443
  AcroRd32.exe - brand messages - port 443
  AcroRd32.exe - links in documents - anything specified in the URL
  Acrobat.exe - brand messages - port 443
  Acrobat.exe - links in documents - anything specified in the URL
  AdobeCollabSync.exe - Tracker review data - port 443
  The same ports are used by the  program components on OS X.
  There are no inbound listening ports for any elements of the Acrobat Family. Automatic updates are not pushed and there are no server processes within the software.

• Does adding tcp udp ports on the nat exempt accesslist which is binded to nat 0 statement remove the entire nat 0 statement itself?

  Hi Experts,
  Is the above statement true?. I learnt later that adding tcp and udp ports on the nat 0 statements are supported . But does it take away the entire nat statement? Please answer my question at the earliest.
  Regards
  Krishna

  Krishna,
  "NAT exemption (nat 0 access-list command)—NAT exemption allows both translated and remote hosts to initiate connections. Like identity NAT, you do not limit translation for a host on specific interfaces; you must use NAT exemption for connections through all interfaces. However, NAT exemption does enable you to specify the real and destination addresses when determining the real addresses to translate (similar to policy NAT), so you have greater control using NAT exemption. However unlike policy NAT, NAT exemption does not consider the ports in the access list. NAT exemption also does not support connection settings, such as maximum TCP connections."
  Reference
  So, since the documentation clearly says that this rule does not consider any ports in the ACL, then one should not be testing unsupported configurations.
  If one adds an ACL with specific ports, then unexpected results may be expected.
  My suggestion, dont add any ACL entry with specific ports to your NAT exempt statement.
  Thanks.
  Portu.
  Please rate any helpful posts

• Checking TCP/UDP ports!

  What's up everybody,
  Does anyobody know how to check if a port is open? (tcp/udp)
  thanks!
  matio,

  Welcome to the forums.
  Common Mac OS X tools used here include Network Utility, lsof, and telnet and ping, and dns-sd and ping for Bonjour and mDNS, depending on details are sought.
  (With the Windows entries from your footer, various of these tools and equivalents are what can be obtained by loading Cygwin or by loading Microsoft's SUA/SFU tools, and with some add-ons. PowerShell might or does have analogs here, but the old MS-DOS shell was pretty limited in what diagnostics were available without additions. There was telnet and ping, but some other bits were missing.)
  Add-on tools include nmap. (nmap is a fairly gonzo-useful tool for this sort of thing.)
  telnet works nicely for brute-force port tests on the LAN.
  And FWIW, if those public web site tools do work and if you're on your own LAN, then definitely also consider checking the settings of and consider upgrading the LAN security. Those tools and those web sites should be blocked by default by the firewall or the gateway device found on most any LAN; whether that's a low-end NAT device, a server-grade firewall, or otherwise.

• What is the difference in the features between Cisco prime 1.2 and Cisco prime 1.4 ?

  Dears,
  Please i need to know what is the difference in the features between Cisco prime infrastructure 1.2 and Cisco prime 1.4.
  Already i see the release note for each one but the release indicate only the New feature for every one. so i need to know the difference between them not new features.
  Wait your kind feedback plz
  Regards,

  Hi,
  New Features and Enhancements
  The following topics describe new features and enhancements in Cisco Prime Infrastructure 1.4.
  Management Support for WLC Release 7.5
  Support for 802.11ac Module
  Support for Cisco AP 700
  Policy Classification Engine
  FlexConnect Audit Support
  Autonomous AP Support
  Client Stateful Switchover
  Cable Modem Monitoring
  Support for Secure File Transfer Protocol
  and please go through the link and check the data sheet for further clearance.
  http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-infrastructure/datasheet-c78-729879.html

• How can i make a graph y is unmber pasing from UDP port,x is the time stamp.and in the same time this graph can display several numbers to compare.

  how can i make a graph
  y is number(the blue wire)pasing from UDP port,
  x is the time stamp.
  plus in the same time this graph can display several differenr numbers to compare.

• ACS Communication TCP/UDP ports

  Hi,
  I have a WEBVPN (on Cisco 2811) which will authenticate its client using ACS, ACS in turn will be integrated with AD.
  the three components (WEBVPN, ACS and AD) have a firewall in between them, I need to configure to allow the communication between the three components, I need a list the ports required for such configuration.
  Also I have to ACS appliances working in HA mode, they will be installed in different locations with firewall in between,What are the ports the 2 appliances are communicating through to ensure full HA?

  Table 2 have this information,
  http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps2086/ps7032/prod_qas0900aecd80108148_ps2086_Products_Q_and_A_Item.html
  Regards,
  ~JG
  Do rate helpful posts

• TCP/UDP Ports

  Does anyone know which ports on the firewall/router do I need to open for NAT (Network Address Translation) so that I can access the database from outside the firewall by SQLnet.

  default tcp/1521
  but u can change it

• What TCP/UDP ports are required for Sunray to communicate withSunray server

  Hi,
  Our Sunray appliances and Sunray servers are setting in two different VLANs. For there is no ACL applied between both the VLANs, but we are plannin g to place ACL between these two VLAN for security reason. Do any have a list of ports require for Sunrays to communicate with the Sunray server.
  Thanks for the Help
  Moe Hans
  Network Administrator
  Kwantlen Polytechnic University
  Surrey, BC
  [email protected]

  [http://wikis.sun.com/display/SRSS4dot2/Ports+and+Protocols]