NMAP Printer Profiling

paul
Advocate

I am not sure in what version NMAP defaults changed, but now unknown devices and most of the Cisco predefined profiles use "SNMPPortsandOS-scan" for the NMAP scanning.  Previously NMAP used to scan all common ports.  Normally I don't care about more than SNMP, but port 9100 was a huge part of my printer strategy.

After rolling out monitor mode, I would usually create a profiler to pull in all NMAP 9100 listeners into a group and start creating a printer profile.  Now, with common ports not on by default or even available in 2.1 (at least I don't see it), I am stuck with hopefully getting SNMP data or OUI.  DHCP is not enabled for printers at most customers, even though we encourage them to go with DHCP and static reservations.

Is there any other way to get port 9100 open information?

Thanks.

1 ACCEPTED SOLUTION

Charlie Moreton
Cisco Employee

In ISE 2.1 you can create your own NMAP Scans, SNMP Port being one of them.  Go to Policy > Policy Elements > Results and choose Profiling > Network Scan (NMAP) Actions.  From there, choose +Add to create your own.

Or, you might be able to use the SNMPPortsAndOS-scan default NMAP Scan Action.

From there, navigate to Policy > Profiling and choose the device profile for which you would like to add the NMAP Scan Action.  Choose the Network Scan (NMAP) Action from the drop down and click Save.

2 REPLIES

Thanks, I missed where you could define custom NMAP scans. I guess now we have to make a custom scan to get common ports, then go and modify all the possible printer top-level profiles to make sure 9100 is checked. Much easier before, when common ports scan was the default.

Thanks for the quick feedback.

Paul Haferman

Office- 920.996.3011

Cell- 920.284.9250
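
An added example, not part of the thread and not Cisco or ISE code: a way to cross-check outside ISE which endpoints a custom scan should catch, by parsing Nmap's XML (`-oX`) output and grouping hosts with tcp/9100 open, flagging those that did not answer SNMP (the ones an SNMP-only scan action would leave unprofiled). The sample XML, addresses and the function name `printer_candidates` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in Nmap's -oX (XML) output format; addresses are documentation ranges.
SAMPLE_XML = """<nmaprun>
<host><status state="up"/>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <address addr="00:00:5E:00:53:0A" addrtype="mac"/>
  <ports>
    <port protocol="tcp" portid="9100"><state state="open"/></port>
    <port protocol="udp" portid="161"><state state="open"/></port>
  </ports></host>
<host><status state="up"/>
  <address addr="192.0.2.11" addrtype="ipv4"/>
  <ports>
    <port protocol="tcp" portid="9100"><state state="open"/></port>
    <port protocol="udp" portid="161"><state state="open|filtered"/></port>
  </ports></host>
<host><status state="up"/>
  <address addr="192.0.2.12" addrtype="ipv4"/>
  <ports>
    <port protocol="tcp" portid="9100"><state state="filtered"/></port>
  </ports></host>
<host><status state="up"/>
  <address addr="192.0.2.13" addrtype="ipv4"/></host>
</nmaprun>"""

def printer_candidates(xml_text):
    """Return {ip: {"mac": str|None, "snmp": bool}} for hosts with tcp/9100 open."""
    found = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addrs = {a.get("addrtype"): a.get("addr") for a in host.iter("address")}
        # Map (protocol, port) -> state; hosts without a <ports> element yield {}.
        states = {}
        for p in host.iter("port"):
            st = p.find("state")
            if st is not None:
                states[(p.get("protocol"), p.get("portid"))] = st.get("state")
        if states.get(("tcp", "9100")) != "open":
            continue  # filtered/closed 9100 is not evidence of a print listener
        found[addrs.get("ipv4")] = {
            "mac": addrs.get("mac"),
            # "open|filtered" means no SNMP reply was seen, so it is not counted
            "snmp": states.get(("udp", "161")) == "open",
        }
    return found

if __name__ == "__main__":
    for ip, info in printer_candidates(SAMPLE_XML).items():
        print(ip, info)
```

Hosts returned with `"snmp": False` are the ones that depend on the 9100 check being present in the scan action attached to the printer profiles.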
