topic Re: ports for ACS in Network Access Control

ports for ACS

m.sir — Sun, 10 Mar 2019 21:27:49 GMT

What ports are need to be open for ACS remote managemet , default port 2002 its clear, but communication than move to 3857 so any others???... Is there any list of required ports????

Re: ports for ACS

andrewclymer — Wed, 08 Feb 2006 09:00:08 GMT

The way in which the Web server manages web sessions is using specific ports. By default this is random, which as you have observed creates an issue with firewalls.

You can restrict the range of ports used for sessions via

Administration Control -> Access Policy

Then down the bottom is a section called HTTP Configuration

Here you can configure the ports that can be used for administration sessions.

So 2002 is always used for the initial login, and then once sucesfull the admin will be placed on to one of these ports.

Only one admin per port, so only opening 2 ports means that only 2 admins can have concurrent access.

Once you have determined how many admins you want to have concurrent access, select an appropriate port range and open this up in your firewall as well.

Re: ports for ACS

mheusinger — Wed, 08 Feb 2006 15:18:34 GMT

Hello,

Here is a list with different UDP and TCP ports used by the ACS:

Cisco Secure ACS Ports Usage

Service name - UDP Port

Dynamic Host Configuration Protocol (DHCP) - 68

RADIUS authentication and authorization (original draft RFC) - 1645

RADIUS accounting (original draft RFC) - 1646

RADIUS authentication and authorization (revised RFC) - 1812

RADIUS accounting (original draft RFC) - 1813

Service name - TCP Port

TACACS+ AAA - 49

Replication and RDBM synchronization - 2000

ACS remote logging - 2001

HTTP administrative access (at login) - 2002

ACS distributed logging (appliance only) - 2003

Administrative access (after login)

port range Configurable (default 1024-65535) ACS assigns unique port number from the range to each administration session

Hope this helps! Please rate all posts.

Regards, Martin