02-07-2006 11:06 PM - edited 03-10-2019 02:27 PM
What ports need to be open for ACS remote management? The default port 2002 is clear, but communication then moves to 3857, so are there any others? Is there any list of required ports?
02-08-2006 01:00 AM
The way in which the Web server manages web sessions is using specific ports. By default this is random, which as you have observed creates an issue with firewalls.
You can restrict the range of ports used for sessions via
Administration Control -> Access Policy
Then down the bottom is a section called HTTP Configuration
Here you can configure the ports that can be used for administration sessions.
So 2002 is always used for the initial login, and then once successful the admin will be placed on to one of these ports.
Only one admin per port, so only opening 2 ports means that only 2 admins can have concurrent access.
Once you have determined how many admins you want to have concurrent access, select an appropriate port range and open this up in your firewall as well.
02-08-2006 07:18 AM
Hello,
Here is a list with different UDP and TCP ports used by the ACS:
Cisco Secure ACS Ports Usage
Service name - UDP Port
Dynamic Host Configuration Protocol (DHCP) - 68
RADIUS authentication and authorization (original draft RFC) - 1645
RADIUS accounting (original draft RFC) - 1646
RADIUS authentication and authorization (revised RFC) - 1812
RADIUS accounting (original draft RFC) - 1813
Service name - TCP Port
TACACS+ AAA - 49
Replication and RDBM synchronization - 2000
ACS remote logging - 2001
HTTP administrative access (at login) - 2002
ACS distributed logging (appliance only) - 2003
Administrative access (after login) - port range configurable (default 1024-65535); ACS assigns a unique port number from the range to each administration session
Hope this helps! Please rate all posts.
Regards, Martin
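The port restriction described in the two answers above, as an added example that is not part of the original thread: it compares a firewall's TCP allow rules for admin access with the range set under HTTP Configuration and reports blocked session ports, unneeded openings and the resulting admin limit. The `Allow` rule model, the function names and the sample rules are assumptions made for illustration.

```python
from typing import NamedTuple

LOGIN_PORT = 2002                      # thread: HTTP admin access at login
DEFAULT_SESSION_RANGE = (1024, 65535)  # thread: default post-login port range


class Allow(NamedTuple):
    """One TCP allow rule for admin access to the ACS server (hypothetical model)."""
    low: int
    high: int


def to_ranges(ports):
    """Collapse a set of ports into sorted (low, high) tuples."""
    ranges = []
    for p in sorted(ports):
        if ranges and p == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], p)
        else:
            ranges.append((p, p))
    return ranges


def audit(allowed, session_range):
    """Compare firewall allow rules with the range set under HTTP Configuration."""
    low, high = session_range
    if not 1 <= low <= high <= 65535:
        raise ValueError(f"invalid session port range: {session_range}")
    needed = {LOGIN_PORT} | set(range(low, high + 1))
    opened = set()
    for rule in allowed:
        opened |= set(range(rule.low, rule.high + 1))
    return {
        # One admin per port, so the range size caps concurrent sessions.
        "max_concurrent_admins": high - low + 1,
        # Ports ACS may assign to a session that the firewall would drop.
        "blocked": to_ranges(needed - opened),
        # Ports open toward ACS that admin access does not need.
        "unneeded": to_ranges(opened - needed),
        "acs_still_on_default_range": tuple(session_range) == DEFAULT_SESSION_RANGE,
    }


if __name__ == "__main__":
    # Constructed sample: ACS restricted to 2010-2014, firewall opened for
    # 2002 and 2010-2012, plus a stale rule for the once-observed port 3857.
    rules = [Allow(2002, 2002), Allow(2010, 2012), Allow(3857, 3857)]
    print(audit(rules, (2010, 2014)))
```

The other ACS services listed above (TACACS+, RADIUS, replication, logging) are outside this check and need their own rules.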