04-30-2021 07:51 AM
We are implementing a cisco prime and our client needs to deactivate certain ports that appear open in cisco prime, is it possible to deactivate them with some command?
pi-system/admin# show security-status
Open TCP Ports : 22 443 1522 8078 8080 8082 8087 9992 20830 61617
Open UDP Ports : 162 514 9991
We need to disable 8080, 20830, 616177.
Thanks in advance
Solved! Go to Solution.
04-30-2021 08:49 AM
>is if there is any command or option in the GUI to disable Open TCP ports or Open UDP Ports
No ,because as the documentation denotes , ports are tied to apps. You need to control the apps .disable or enable them (e.g.) , as stated Prime functionality could get hampered.
M.
04-30-2021 08:19 AM
- Check that guide for security guidelines concerning ports used in Prime.
>...WLC to Prime Infrastructure: TCP port 20828 (for IOS-XE 16.10 and 16.11) or 20830 (for IOS-XE 16.12,17.x and later) -
So prime apparently needs this in order to communicate with wireless controllers.
I couldn't find any references for 616177 , but note that Prime should be considered as an appliance, functionality may be hampered if closed 'unknowingly'
M.
04-30-2021 08:22 AM
check admin guide bottom of the page :
04-30-2021 08:36 AM
Thanks for yours answer, I had already reviewed the documentation but it only allows to disable ftp and tftp, my question is if there is any command or option in the GUI to disable Open TCP ports or Open UDP Ports
Or the only option is to block these ports in the client firewall?
04-30-2021 08:49 AM
>is if there is any command or option in the GUI to disable Open TCP ports or Open UDP Ports
No ,because as the documentation denotes , ports are tied to apps. You need to control the apps .disable or enable them (e.g.) , as stated Prime functionality could get hampered.
M.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: