Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2956
Views
0
Helpful
4
Replies

Disable open TCP/UPD Ports on cisco prime

Go to solution
jose.guzman
Level 1
Level 1

‎04-30-2021 07:51 AM

We are implementing a cisco prime and our client needs to deactivate certain ports that appear open in cisco prime, is it possible to deactivate them with some command?

 

 

pi-system/admin# show security-status

Open TCP Ports : 22 443 1522 8078 8080 8082 8087 9992 20830 61617
Open UDP Ports : 162 514 9991

 

We need to disable 8080, 20830, 616177.

 

Thanks in advance

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
VIP
VIP
In response to jose.guzman

‎04-30-2021 08:49 AM

 

                >is if there is any command or option in the GUI to disable Open TCP ports  or Open UDP Ports

 No ,because as the documentation denotes , ports are tied to apps. You need to control the apps .disable or enable them (e.g.) , as stated Prime functionality could get hampered.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

View solution in original post

0 Helpful
4 Replies 4

Go to solution
marce1000
VIP
VIP

‎04-30-2021 08:19 AM

 

 Ref : https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-4/admin/guide/bk_CiscoPrimeInfastructure_3_4_AdminGuide/bk_CiscoPrimeInfastructure_3_4_AdminGuide_appendix_01110.pdf

                   - Check that guide for security guidelines concerning ports used in Prime. 

 

 Ref : https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214286-managing-catalyst-9800-wireless-controll.html

 >...WLC to Prime Infrastructure: TCP port 20828 (for IOS-XE 16.10 and 16.11) or 20830 (for IOS-XE 16.12,17.x and later) -

              So prime apparently needs this in order to communicate with  wireless controllers.

 

  I couldn't find any references for 616177 , but note that Prime should be considered as an appliance, functionality may be hampered if closed 'unknowingly'

  M.

 

 



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
jose.guzman
Level 1
Level 1
In response to balaji.bandi

‎04-30-2021 08:36 AM

Thanks for yours answer, I had already reviewed the documentation but it only allows to disable ftp and tftp, my question is if there is any command or option in the GUI to disable Open TCP ports  or Open UDP Ports

 

Or the only option is to block these ports in the client firewall?

0 Helpful

Go to solution
marce1000
VIP
VIP
In response to jose.guzman

‎04-30-2021 08:49 AM

 

                >is if there is any command or option in the GUI to disable Open TCP ports  or Open UDP Ports

 No ,because as the documentation denotes , ports are tied to apps. You need to control the apps .disable or enable them (e.g.) , as stated Prime functionality could get hampered.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents