UDP port 161 on IPCC/ICM servers

I am trying to setup Solarwinds monitoring via SNMP on our IPCC/ICM servers.  The servers are AW, PGs and Router/Loggers. 
Do the IPCC/ICM applications use UDP port 161?  I cannot start the SNMP service on the servers due to UDP port 161 is already being used. 
According to Windows task manager, the port is used by PID snmpdm.exe.
Any info or comment is appreciated.  Thanks.

Yes it's not the same. Why, I do not know.
On ICM Windows boxes you use the MMC snapin, but on CVP you use the Ops Console which writes into cfg files and pushes them to the box.
At the end of the day the basics of community name, access list, trap destination are known by the agent on the ICM or CVP server.
Regards,
Geoff

Similar Messages

  • TS1629 Apple destination ip addresses for well known TCP and UDP ports used by Apple software products

    I work for a large enterprise organisation with dual layer firewalls. The Apple article titled "allowing well known ports through the firewall "does not provide enough information on what the destination ip addresses of Apple servers are which host Apple ICloud services.
    Does anyone have information on the destination Apple Ip addresses? So that I can lock down my firewall rules, just so that Apple devices, access Apple services on the Internet.
    Many thanks

    One option is to use "connection-reuse" cli under sip-ua configuration mode.
    sip-ua
      connection-reuse
    This will enable the 7200 to create a connection with source and destination udp port number set to 5060. This feature is available in IOS 12.4(25d) which requires minimum of 256 / 512MB DRAM (depends on the feature set) and flash of 48 MB.

  • DMVPN-Why received packet doesn't use UDP port 4500 but 500?

    Hello everyone
    I got a problem with my DMVPN. Spoke is behind a NAT device. x.x.x.x is an public IP address which hub uses. I don't know why it discovered that the hub is also inside a NAT device. And after it sends a packet using port 4500, the received packet from hub was not using port 4500 but 500. I'm confused now. Any advise would be much appreciated.
    *Sep 10 08:56:02 UTC: ISAKMP:(0): beginning Main Mode exchange
    *Sep 10 08:56:02 UTC: ISAKMP:(0): sending packet to x.x.x.x my_port 500 peer_port 500 (I) MM_NO_STATE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Sending an IKE IPv4 Packet.
    *Sep 10 08:56:02 UTC: ISAKMP (0): received packet from x.x.x.x dport 500 sport 500 Global (I) MM_NO_STATE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM1  New State = IKE_I_MM2 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing SA payload. message ID = 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
    *Sep 10 08:56:02 UTC: ISAKMP (0): vendor ID is NAT-T RFC 3947
    *Sep 10 08:56:02 UTC: ISAKMP:(0):found peer pre-shared key matching 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): local preshared key found
    *Sep 10 08:56:02 UTC: ISAKMP : Scanning profiles for xauth ...
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Checking ISAKMP transform 1 against priority 1 policy
    *Sep 10 08:56:02 UTC: ISAKMP:      encryption 3DES-CBC
    *Sep 10 08:56:02 UTC: ISAKMP:      hash MD5
    *Sep 10 08:56:02 UTC: ISAKMP:      default group 1
    *Sep 10 08:56:02 UTC: ISAKMP:      auth pre-share
    *Sep 10 08:56:02 UTC: ISAKMP:      life type in seconds
    *Sep 10 08:56:02 UTC: ISAKMP:      life duration (VPI) of  0x0 0x1 0x51 0x80 
    *Sep 10 08:56:02 UTC: ISAKMP:(0):atts are acceptable. Next payload is 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Acceptable atts:actual life: 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Acceptable atts:life: 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Fill atts in sa vpi_length:4
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Fill atts in sa life_in_seconds:86400
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Returning Actual lifetime: 86400
    *Sep 10 08:56:02 UTC: ISAKMP:(0)::Started lifetime timer: 86400.
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(0): vendor ID seems Unity/DPD but major 69 mismatch
    *Sep 10 08:56:02 UTC: ISAKMP (0): vendor ID is NAT-T RFC 3947
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM2  New State = IKE_I_MM2 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): sending packet to x.x.x.x my_port 500 peer_port 500 (I) MM_SA_SETUP
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Sending an IKE IPv4 Packet.
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM2  New State = IKE_I_MM3 
    *Sep 10 08:56:02 UTC: ISAKMP (0): received packet from x.x.x.x dport 500 sport 500 Global (I) MM_SA_SETUP
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Input = IKE_MESG_FROM_PEER, IKE_MM_EXCH
    *Sep 10 08:56:02 UTC: ISAKMP:(0):Old State = IKE_I_MM3  New State = IKE_I_MM4 
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing KE payload. message ID = 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0): processing NONCE payload. message ID = 0
    *Sep 10 08:56:02 UTC: ISAKMP:(0):found peer pre-shared key matching x.x.x.x
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): vendor ID is Unity
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): vendor ID is DPD
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): processing vendor id payload
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): speaking to another IOS box!
    *Sep 10 08:56:02 UTC: ISAKMP:received payload type 20
    *Sep 10 08:56:02 UTC: ISAKMP (2746): NAT found, both nodes inside NAT
    *Sep 10 08:56:02 UTC: ISAKMP:received payload type 20
    *Sep 10 08:56:02 UTC: ISAKMP (2746): My hash no match -  this node inside NAT
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Input = IKE_MESG_INTERNAL, IKE_PROCESS_MAIN_MODE
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Old State = IKE_I_MM4  New State = IKE_I_MM4 
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Send initial contact
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):SA is doing pre-shared key authentication using id type ID_IPV4_ADDR
    *Sep 10 08:56:02 UTC: ISAKMP (2746): ID payload 
    next-payload : 8
    type         : 1 
    address      : 192.168.1.101 
    protocol     : 17 
    port         : 0 
    length       : 12
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Total payload length: 12
    *Sep 10 08:56:02 UTC: ISAKMP:(2746): sending packet to x.x.x.x my_port 4500 peer_port 4500 (I) MM_KEY_EXCH
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Sending an IKE IPv4 Packet.
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Input = IKE_MESG_INTERNAL, IKE_PROCESS_COMPLETE
    *Sep 10 08:56:02 UTC: ISAKMP:(2746):Old State = IKE_I_MM4  New State = IKE_I_MM5 
    *Sep 10 08:56:03 UTC: ISAKMP (2746): received packet from x.x.x.x dport 500 sport 500 Global (I) MM_KEY_EXCH
    *Sep 10 08:56:03 UTC: ISAKMP:(2746): phase 1 packet is a duplicate of a previous packet.
    *Sep 10 08:56:03 UTC: ISAKMP:(2746): retransmitting due to retransmit phase 1
    *Sep 10 08:56:04 UTC: ISAKMP:(2746): retransmitting phase 1 MM_KEY_EXCH...
    *Sep 10 08:56:04 UTC: ISAKMP (2746): incrementing error counter on sa, attempt 1 of 5: retransmit phase 1
    *Sep 10 08:56:04 UTC: ISAKMP:(2746): retransmitting phase 1 MM_KEY_EXCH
    *Sep 10 08:56:04 UTC: ISAKMP:(2746): sending packet to x.x.x.x my_port 4500 peer_port 4500 (I) MM_KEY_EXCH
    *Sep 10 08:56:04 UTC: ISAKMP:(2746):Sending an IKE IPv4 Packet.

    This could be because the port 4500 packet that is being sent is not being received by the peer side or it is ignoring that packet. 
    Since the port 500 packet that you are receiving is a duplicate of the previous packet it is definitely not a reply packet for the port 4500 packet. 
    If you can get the debugs from the other end, then you could see if the peer side is receiving the udp port 4500 packets.
    If not that then this could be a UDP port 4500 block with the ISP.

  • TCP/UDP Ports and site used by FEP to download updates - needed to allow on perimeter firewall

    Can some one point me with information like what TCP/UDP ports are utilized by FEP and what DNS / site Name it uses to download FEP Updates. This is needed to tighten perimeter FireWall policies
    Thank you

    It should be the same as the documentation for all Software Updates:
    https://technet.microsoft.com/en-us/library/bcf8ed65-3bea-4bec-8bc5-22d9e54f5a6d#BKMK_ConfigureFirewalls
    Make sure to expand the "restrict access to specific domains" section to see the update related URLs.

  • Noticed that my MAC Mini is sending traffic to 70.38.54.77 on sequential UDP ports (port scanning?)

    Hi,
    I noticed in my home router logs that my MAC Mini "scans" UDP ports in the 33xxx range to an address 70.38.54.77 ... a quick search shows others complains but not result or explanation. I am looking to see if this is some piece of sw installed in my MAC or perhaps how to block traffic to/from that IP (or its subnet).
    See below - .149 is my MAC mini IP address at home.
    Outgoing log
    LAN IP address
    |
    Destination URL or IP address
    |
    Service or port number
    192.168.2.149
    70.38.54.77
    33495
    192.168.2.149
    70.38.54.77
    33494
    192.168.2.149
    70.38.54.77
    33493
    192.168.2.149
    70.38.54.77
    33492
    192.168.2.149
    70.38.54.77
    33491
    192.168.2.149
    70.38.54.77
    33490
    192.168.2.149
    70.38.54.77
    33489
    192.168.2.149
    70.38.54.77
    33488
    192.168.2.149
    70.38.54.77
    33487
    192.168.2.149
    70.38.54.77
    33486
    192.168.2.149
    70.38.54.77
    33485
    192.168.2.149
    70.38.54.77
    33484
    192.168.2.149
    70.38.54.77
    33483
    192.168.2.149
    70.38.54.77
    33482
    192.168.2.149
    70.38.54.77
    33481
    192.168.2.149
    70.38.54.77
    33480
    192.168.2.149
    70.38.54.77
    33479
    192.168.2.149
    70.38.54.77
    33478
    192.168.2.149
    70.38.54.77
    33477
    192.168.2.149
    70.38.54.77
    33476
    192.168.2.149
    70.38.54.77
    33475
    192.168.2.149
    70.38.54.77
    33474
    192.168.2.149
    70.38.54.77
    33473
    192.168.2.149
    70.38.54.77
    33472
    192.168.2.149
    70.38.54.77
    33471
    192.168.2.149
    70.38.54.77
    33470
    192.168.2.149
    70.38.54.77
    33469
    192.168.2.149
    70.38.54.77
    33468
    192.168.2.149
    70.38.54.77
    33467
    Thanks in advance.

    Is that your IP & ISP?
    NetRange:       70.38.54.64 - 70.38.54.95
    CIDR:           70.38.54.64/27
    OriginAS:      
    NetName:        IWEB-CL-T140-02SH
    To see if it's you/your provider, What's my ip...
    http://www.whatismyipaddress.com/
    Little Snitch, stops/alerts outgoing stuff...
    http://www.obdev.at/products/littlesnitch/index.html
    And will tell you what wants to use that port, then you can choose to allow or deny.

  • Identify Ports for AD - External UDP port scanner

    Greetings all,
    I am trying to figure out which UDP port is alarming on the "AD - External UDP port scanners (13005)" signature. By default, the signature is set to summarize which looks something like this "NumDestIps=100; currentTHreshold=100. protocol=1".
    From the "Protocol = 1" line I am assuming all scanning is hitting up on a single destination protocol - I need to know which protocol / port number.
    I've already attempted to turn on "log attacker, pair, and victim" packets. Verbose is not an option for this signature. I have also tried changing alert Frequency to "fire all" or just uncheck the "Summary Mode" box. None of this tells me the destination/victim port. I do see under a protocol field "ICMP" but i don't believe that pertains to the source port. Any ideas on how I might find this information?

    TCP/445 is used by Microsoft file sharing (CIFS), and by default that port is opened on all Microsoft PC basically to allow file sharing.
    If you open up DOS prompt, and type: netstat -na, you would see that your PC is by default listening on TCP/445.
    Here is more information on Microsoft-DS (TCP/445):
    http://www.linklogger.com/TCP445.htm
    http://en.wikipedia.org/wiki/Server_Message_Block
    So it really depends on your corporate security policy, whether to allow file sharing or not within the network. IPS is picking that up because it is an easier way of exploiting a PC since the port is opened by default.

  • Should I block TCP/UDP ports 135 to 139 on my router?

    For the sake of Internet and Desktop security should I block TCP/UDP ports 135 to 139 both ways at all times on my router?  This seems to be recommended for Windows environments. Does Mavericks need these ports for its proper operation?  When tested, ports 135, 137,18 show as closed whereas all other ports are Stealth.  Ideally, they should all be Stealth.

    Have a read here: http://securityspread.com/2013/07/26/firewall/
    Stealth is just as good as closed, some would argue that stealth is just as much of a giveaway of the port being present as it being closed.
    The specific ports you mention pose no risk to OS X as far as I am aware.

  • UDP PORT 445 Not listed in System Process

    Hi! Can you help me? I need the UDP PORT 445 listed on SYSTEM Process. 
    I open UDP PORT 445 on Firewall (WSBS 2011), but in Syshelp (symatech validation too) the result is:
    Title: One or more network services, ports, protocols or associated processes may need attention
    Product: Backup Exec Server
    Status: Warning
    Details:
    Warning SYSTEM's UDP port 445 is not open or listening.
    Warning Port is not open or listening.
    UDP Process: System
    Ok SYSTEM is the correct process for UDP port 137
    Ok Port 137 with protocol UDP is open on the following IP addresses: - 25.54.28.213
    - 169.254.41.25
    - 169.254.244.222
    - 192.168.0.6
    - 192.168.1.2
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Ok Process System has port 137 with protocol UDP open.
    Information Network service name not defined. Test skipped.
    Information Default settings - Network Service Name: netbios-ns Port: 137 Protocol: UDP Process: System
    Ok SYSTEM is the correct process for UDP port 138
    Ok Port 138 with protocol UDP is open on the following IP addresses: - 25.54.28.213
    - 169.254.41.25
    - 169.254.244.222
    - 192.168.0.6
    - 192.168.1.2
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Ok Process System has port 138 with protocol UDP open.
    Information Network service name not defined. Test skipped.
    Information Default settings - Network Service Name: netbios-dgm Port: 138 Protocol: UDP Process: System
    Ok SYSTEM is the correct process for TCP port 445
    Ok Port 445 with protocol TCP is open on the following IP addresses: - 0.0.0.0
    Ok Process System has port 445 with protocol TCP open.
    Information Network service name not defined. Test skipped.
    Information Default settings - Network Service Name: microsoft-ds Port: 445 Protocol: TCP Process: System

    Hi,
    à
    I need the UDP PORT 445 listed on SYSTEM Process.
    à
    Warning SYSTEM's UDP port 445 is not open or listening.
    Based on your description, I’m a little confused with this issue. Please run following commands with administrator
    permission and monitor the result. Would you please check and confirm whether any process listened the UDP port 445?
    netstat –ab
    netstat -a | find /i "445"
    In addition, I noticed that you use Syshelp (Symantec validation tool) to check. I suggest that you would post
    the warning message in Symantec Forum and confirm this issue. I believe we will get a better assistance there.
    If anything I misunderstand, please don’t hesitate to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • Listen to specific UDP Port

    Hi guys,
    I'm using a PHP script which contacts my Mac running growl to subsequently push notifications to my iPhone via Prowl.
    This isn't working at all at the moment and it's proving difficult to establish whether A - the PHP script isn't contacting the Mac correctly or B - a firewall or equivalent is blocking access to Growl.
    My set up is:
    1. iMac running Growl and growl-notify;
    2. a DynDNS account which points to my IP address;
    3. Netgear router which forwards UDP port 9887 to my iMac (which has been allocated a static local IP address);
    Is there anyway I can 'listen' to port 9887 to see what information is being received at that port? That way I can determine whether the plugin has been configured correctly or whether the script is generating an incorrect packet.
    Thank you for your time.

    Try Wireshark.

  • Does adding tcp udp ports on the nat exempt accesslist which is binded to nat 0 statement remove the entire nat 0 statement itself?

    Hi Experts,
    Is the above statement true?. I learnt later that adding tcp and udp ports on the nat 0 statements are supported . But does it take away the entire nat statement? Please answer my question at the earliest.
    Regards
    Krishna

    Krishna,
    "NAT exemption (nat 0 access-list command)—NAT exemption allows both translated and remote hosts to initiate connections. Like identity NAT, you do not limit translation for a host on specific interfaces; you must use NAT exemption for connections through all interfaces. However, NAT exemption does enable you to specify the real and destination addresses when determining the real addresses to translate (similar to policy NAT), so you have greater control using NAT exemption. However unlike policy NAT, NAT exemption does not consider the ports in the access list. NAT exemption also does not support connection settings, such as maximum TCP connections."
    Reference
    So, since the documentation clearly says that this rule does not consider any ports in the ACL, then one should not be testing unsupported configurations.
    If one adds an ACL with specific ports, then unexpected results may be expected.
    My suggestion, dont add any ACL entry with specific ports to your NAT exempt statement.
    Thanks.
    Portu.
    Please rate any helpful posts

  • Monitor a UDP port

    Hi,
    I could find a solution for my problem. I need to monitor a UDP port.
    For the TCP ports i'm using MP template TCP Port, but for the UDP i don't find any tool.
    My question is. It's possible to monitor UPD ports in SCOM 2012 R2? If yes, how?
    Thank you,
    Rui 

    Hi Rui,
    I have found a possibility to do this. Hope you understand this and it is helpful. This is a two step process but guess will definitely server the purpose.
    Scope: We will be running a tool which will monitor a port (TCP or UDP) for a specific host / IP and will throw a log file.
    SCOM will monitor the log file and will throw a alert if the log file contains the string NOT LISTENING (Port not working or unable to open the port) which the program will create the log with the results.
    First download the program named: PortQry Command Line Port Scanner Version 2.0 from microsoft using the below link. It is a command line tool.
    http://www.microsoft.com/en-in/download/details.aspx?id=17148
    Run it using by making a batch file or powershell script using task scheduler as per your time requirement (Every 5 min or 1Hr).
    Use this command to monitor a ip / hostname and its port with TCP or UDP.
    I have pasted the command file of the program in C:\Port_checker directory so i am using the below syntax
    C:\Port_checker\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Port_checker\Result.log /y
    -N = Hostname / FQDN of agent or Ip address
    -E = Port # what you want to monitor
    -P = Protocol (TCP or UDP)
    -L = Generate log on the following location and name
    /Y = To replace the existing log file name to fresh one without prompt.
    The result in the log file will be as follows:
    ============================
    For successful port open:
    PortQry Version 2.0 Log File
    System Date: Tue Oct 07 09:42:32 2014
    Command run:
     C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
    Local computer name:
     192.168.1.2
    Querying target system called:
     192.168.1.1
    Attempting to resolve name to IP address...
    Name resolved to 192.168.1.1
    querying...
    UDP port 5723 (unknown service): LISTENING
    ========= end of log file ========= 
      PortQry developed by Tim Rains
    For failure port open:
    PortQry Version 2.0 Log File
    System Date: Tue Oct 07 09:42:32 2014
    Command run:
     C:\PortQryV2\PortQry.exe -N 192.168.1.1 -e 5723 -p UDP -l C:\Portqryv2\Result.log /y
    Local computer name:
     192.168.1.2
    Querying target system called:
     192.168.1.1
    Attempting to resolve name to IP address...
    Name resolved to 192.168.1.1
    querying...
    UDP port 5723 (unknown service): NOT LISTENING
    ========= end of log file ========= 
      PortQry developed by Tim Rains
    Now as per the above results NOT LISTENING Port is blocked or is not opened and LISTENING
    means working or port is opened.
    So now using SCOM you will monitor the log file Result.log
    in the location C:\Port_checker\ saying if NOT LISTENING
    comes in the log file throw me a alert in SCOM consle or via email.
    To configure that alert you need to create a Generic text log alerting Rule which will throw a alert if any thing added in that log which is not to be added and if it is added like NOT LISTENING
    then it will throw a alert.
    Refer this link on how to open a Generic text log alerting Rule.
    http://blogs.technet.com/b/kevinholman/archive/2009/06/20/using-a-generic-text-log-rule-to-monitor-an-ascii-text-file-even-when-the-file-is-a-unc-path.aspx
    Gautam.75801

  • What is the weblogic process or file opened with udp port?

    I'm running weblogic 8.1 on linux AS 3.0, whenever I bring it up, there is a process that listens on udp, although my weblogic runs on default tcp port 7001. What file or process opened with up port (32770)? I'm curious to know whats running with udp..
    Thanks

    Does anyone know why weblogic opens udp port/ which process maps to the port?
    Thanks

  • 10.6.5 firewall blocking udp ports used by ethernet MFC printer

    Hi All, is there any way to apply a custom rule to allow access through the 10.6.5 firewall for a couple of UDP ports? I am trying to enable scanning from the front panel on a Brother MFC990CW with static IP on our local net (adsl router) and the printer docs specify up to 3 ports to be opened. Have played with IPFW via term but my rule attempts are not having any impact. Also unable to find log location where firewall activity is logged.
    Would appreciate any tips.
    Happy New Year

    HI Michalien,
    happy new years eve
    have you tried adding the Image Capture Utility to the firewall? It Should open the port for you.
    system preferences, security, advanced button, + button
    navigate to Macintosh HD, Applications, Image Capture (witch handles most scanning in 10.6)
    You may also need to add the cannon scan utility as well.

  • How to setup a UDP port forward range

    Hi,
    We are trying to figure out how to setup UDP port forward range. This is the configuration that we are using.
    ip nat pool voip-rtp 10.10.10.3 10.10.10.3 netmask 255.255.255.0 type rotary
    ip nat inside destination list 114 pool voip-rtp
    access-list 114 permit udp any any range 16384 32767
    Where 10.10.10.3 is the host I want to forward the ports 16384 to 32767 to.
    This is not working. We use a similar set of commands for TCP range forwarding which work perfecting. Can anyone advise of the correct way to port forward a UDP range. 
    Damien

    thanks for the suggestion.
    I tried the same , but still the udp port 514 is not available. when i run nmap tool to scan the ports, the udp port 514 is not available to the external world and hence the syslog msgs i send to tat port is not being received. kindly help me out.
    thanks again!!

  • Our IT Director will not allow the appropriate TCP and UDP ports to be opened on the district WAN

    I have about 30 Apple TV Units and our IT Director will not allow the appropriate TCP and UDP ports to be opened on the district WAN.  When our teachers try to log on to Apple TV to broadcast lessons, websites, etc., they are booted off the network after about 20 minutes. 
    Any ideas for how I might solve this without having to hard-wire the Apple TV Units?

    Honestly, you do not.
    Either the IT director will cave and allow the appropriate ports or it doesn't work.
    Hard wiring the ATVs will not rectify the problem. 

Maybe you are looking for