https://community.cisco.com/t5/network-security/nessus-scanning/m-p/1516821#M605226 <HTML><HEAD></HEAD><BODY><P>I am not sure what ports Nessus uses to call home.</P><P></P><P>But .you should only allow ports going to your server from the outside (outside ACL) that you want (for example web if the server is using web). Then all inbound traffic (initiated from outside) will be blocked unless the services you want. Inside initiated conns from Nessus will still work.</P><P></P><P>I hope it helps and makes sense.</P><P></P><P>PK</P></BODY></HTML> Tue, 07 Dec 2010 18:24:37 GMT Panos Kampanakis 2010-12-07T18:24:37Z https://community.cisco.com/t5/network-security/nessus-scanning/m-p/1516820#M605225 <P>Hello,</P><P></P><P>We recently acquired the Virtual Nessus scanner and have it sitting on a server "inside" our ASA firewall. I want to verify what port(s) that the Nessus needs to go "outside" our firewall to scan other locations. Just curious if it will need a certain TCP or UDP port to reach out or do I have to open the firewall up completely. I do not want to open up the firewall to everything just to allow the scanner to run. Any input would be appreciated.</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 19:19:20 GMT https://community.cisco.com/t5/network-security/nessus-scanning/m-p/1516820#M605225 onslaught99 2019-03-11T19:19:20Z https://community.cisco.com/t5/network-security/nessus-scanning/m-p/1516821#M605226 <HTML><HEAD></HEAD><BODY><P>I am not sure what ports Nessus uses to call home.</P><P></P><P>But .you should only allow ports going to your server from the outside (outside ACL) that you want (for example web if the server is using web). Then all inbound traffic (initiated from outside) will be blocked unless the services you want. Inside initiated conns from Nessus will still work.</P><P></P><P>I hope it helps and makes sense.</P><P></P><P>PK</P></BODY></HTML> Tue, 07 Dec 2010 18:24:37 GMT https://community.cisco.com/t5/network-security/nessus-scanning/m-p/1516821#M605226 Panos Kampanakis 2010-12-07T18:24:37Z