Cisco ACS - UDP Port 9993

Manoj Gupta
Level 1

Hi All,

 

As per the user guide for ACS, we need to open UDP port 9993 for ACS View net flow syslog processing. My query is: in which situation do we need this port to be opened, and what would be the source & destination for opening this port in the firewall?

 

I will be using the Cisco ACS only for device administration purposes.

 

Regards,

Manoj
 

1 Reply

The way in which the Web server manages web sessions is using specific ports. By default this is random, which as you have observed creates an issue with firewalls.

You can restrict the range of ports used for sessions via

Administration Control -> Access Policy

Then down the bottom is a section called HTTP Configuration

Here you can configure the ports that can be used for administration sessions.

So 2002 is always used for the initial login, and then once successful the admin will be placed onto one of these ports.

Only one admin per port, so only opening 2 ports means that only 2 admins can have concurrent access.

Once you have determined how many admins you want to have concurrent access, select an appropriate port range and open this up in your firewall as well.