https://community.cisco.com/t5/network-security/udp-2000/m-p/1590730#M591205 <P>I have an interesting issue. The server guys use IBM's RSA card to remotely manage servers, install OS, etc. The interesting part is that the port requires UDP/TCP 2000, but it does not work and I don't see any drops in the logs. If they are on the same subnet that the servers are on, it works fine. If they change the port from 2000 to 5090 on the server everything works fine. One of the server guys told me that the port 2000 is sending some kind of telephony traffic, he could not explain it any better and it is being dropped by the firewalls because of the type of traffic. I thought that if the firewall drops any traffic and the logging is enabled it will show up in the log. We have a few ASA5550/5580 pairs and a PIX535 pair. Did anyone see this before?</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 19:53:46 GMT balla-zoltan 2019-03-11T19:53:46Z https://community.cisco.com/t5/network-security/udp-2000/m-p/1590730#M591205 <P>I have an interesting issue. The server guys use IBM's RSA card to remotely manage servers, install OS, etc. The interesting part is that the port requires UDP/TCP 2000, but it does not work and I don't see any drops in the logs. If they are on the same subnet that the servers are on, it works fine. If they change the port from 2000 to 5090 on the server everything works fine. One of the server guys told me that the port 2000 is sending some kind of telephony traffic, he could not explain it any better and it is being dropped by the firewalls because of the type of traffic. I thought that if the firewall drops any traffic and the logging is enabled it will show up in the log. We have a few ASA5550/5580 pairs and a PIX535 pair. Did anyone see this before?</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 19:53:46 GMT https://community.cisco.com/t5/network-security/udp-2000/m-p/1590730#M591205 balla-zoltan 2019-03-11T19:53:46Z https://community.cisco.com/t5/network-security/udp-2000/m-p/1590731#M591206 <HTML><HEAD></HEAD><BODY><P>UDP 2000&nbsp; is used for <A class="mw-redirect active_link" href="http://en.wikipedia.org/wiki/Skinny_Client_Control_Protocol" title="Skinny Client Control Protocol">Cisco SCCP (Skinny)</A></P><P></P><P>Check if your policy-map if there is an inspect skinny, for example:</P><P></P><P></P><P>policy-map global_policy</P><P> class inspection_default</P><P>&nbsp; inspect dns preset_dns_map </P><P>&nbsp; inspect ftp </P><P>&nbsp; inspect h323 h225 </P><P>&nbsp; inspect h323 ras </P><P>&nbsp; inspect rsh </P><P>&nbsp; inspect rtsp </P><P>&nbsp; inspect esmtp </P><P>&nbsp; inspect sqlnet </P><P><SPAN style="color: #ff0000;"><STRONG>&nbsp; inspect skinny&nbsp; </STRONG></SPAN></P><P>&nbsp; inspect sunrpc </P><P>&nbsp; inspect xdmcp </P><P>&nbsp; inspect netbios </P><P>&nbsp; inspect icmp </P><P>&nbsp; inspect http </P><P>&nbsp; inspect ipsec-pass-thru </P><P>&nbsp; inspect sip&nbsp; </P><P>&nbsp; inspect mgcp </P><P></P><P>If you have and you are not using Skinny then remove the inspect.</P><P></P><P>That might solve your problem</P><DIV> </DIV><P></P></BODY></HTML> Mon, 21 Feb 2011 17:29:17 GMT https://community.cisco.com/t5/network-security/udp-2000/m-p/1590731#M591206 PAUL GILBERT ARIAS 2011-02-21T17:29:17Z