Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
253
Views
0
Helpful
7
Replies

Port Forwarding issue

alberto.sagredo.castro
Level 1
Level 1

‎11-24-2011 08:42 AM

I have been trying to open port using TCP/UDP and putting external ports different than internal, and using https:// to connecto to an uc 320.

Is there a problem using https?

I have a port mapping using TCP and a port that is using http and al works fine.

Its really strange

0 Helpful
7 Replies 7

alberto.sagredo.castro
Level 1
Level 1

‎11-24-2011 09:49 AM

Related to that

I have created a Advanced NAt rule , to see if it works. Either.

But now i could not delete this advanced nat rule.

i select delete i deleted, apply save. an reappears again

It seems an issue with that

0 Helpful

juliomar
Level 3
Level 3
In response to alberto.sagredo.castro

‎11-28-2011 05:31 PM

Hi Alberto,

There is an open defect on firmware 0.4.9 with this issue. 

CSCtt46057[Networking] unable to delete or disable/enable the adv NAT rule

Upcoming firmware releases have this fix. 

Can you disable the Adv NAT rule?

Cheers,

Julio

0 Helpful

alberto.sagredo.castro
Level 1
Level 1
In response to juliomar

‎11-28-2011 10:41 PM

Hi Julio

I had to reset ISA 570 in order to delete this rule. Now its deleted.

Glad to  hear is a know issue

0 Helpful

juliomar
Level 3
Level 3

‎11-28-2011 05:22 PM

Hi Alberto,

The UC320W by default uses port 8080 for remote https access, which also happens to be the port used by default by the ISA500 for remote https access.  To make this work, we are going to either change the listening remote management port of either the ISA or the UC320W.  Then make a Port Forward rule with the new changes.

Another way to tackle this is to assign an arbritary port (50443) and Port Forward to internal 8080 (UC320W) Now to create a Port Forward on the ISA, first you need to create a custom service (UC320RemAcces) and Set the port to 50443.   Original Service will be this new port , set the Translated Service to SHTTPD (which is TCP 8080), make the translated IP as the WAN IP of the UC320W, set the WAN value to WAN1, set the WAN IP as WAN1_IP, check Enable Port Forwarding and Create Firewall Rule , Click OK.

Then to manage the UC320W, you would attempt to reach it like this:

https://:50443

Best regards,

Julio

0 Helpful

alberto.sagredo.castro
Level 1
Level 1
In response to juliomar

‎11-28-2011 10:45 PM

Sure Julio

I have changed UC 320 W port to 10443 , access is via https, so i forwarded TCP PORT 10443 from WAN to LAN, as other stuff, as camera IP with HTTP access and it does not work.

I have tested making translation on ports and also using simetric ports , but same issue.

No access to UC 320.

I have asked to SPA team and it must work.

For your help i made a WAN 2 connection with ports forwarwed to UC 320 and this way works.

SO it seems something with WAN 1 connection or similar.

Its strange . If you need access to check or config backup let me know

0 Helpful

juliomar
Level 3
Level 3
In response to alberto.sagredo.castro

‎11-29-2011 04:55 PM

Hi Alberto,

I was able to remotely manage my UC320W uwing either WAN1 or WAN2.  I would like to find out the setting of your WAN interfaces.  Are they set to Load balance, Failover, PBR?

Can you send me a copy of your configuration file so that we can find out why you are unable to remotely manage your UC320W?   My email address is juliomar@cisco.com.

Best regards,

Julio

0 Helpful

alberto.sagredo.castro
Level 1
Level 1
In response to juliomar

‎12-01-2011 06:44 AM

Ok. I will forward config to you in order to check.

BR

0 Helpful
Customers Also Viewed These Support Documents