Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2562
Views
0
Helpful
4
Replies

Packet Tracer command

Manu Shankar
Level 1
Level 1

‎11-13-2018 11:42 PM - edited ‎02-21-2020 08:28 AM

How can I put the source port (src-port) as any in the below ASA command instead of specific port? 

 

packet-tracer input ifc_name protocol src-ip src-port dst-ip dst-port

 

packet-tracer input outside tcp 192.168.10.10 3389 172.16.10.10 3389

 

ciscoasa# sh conn
6 in use, 12 most used
TCP DMZ 192.168.10.10:3389 Inside 172.16.10.10:49165, idle 0:00:27, bytes 127770, flags UIO

0 Helpful
4 Replies 4

Mohammed al Baqari
Level 11
Level 11

‎11-14-2018 12:43 AM

You can't use any as source port. You have to specify a number but its not
relevant as the source port is usually random > 1023.
0 Helpful

Manu Shankar
Level 1
Level 1
In response to Mohammed al Baqari

‎11-14-2018 12:54 AM

That means the packet tracer command doesn't check the source port. It only meant to check the SIP, DIP and dst-port. 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Manu Shankar

‎11-14-2018 02:13 AM

It can and does check the source port. However, due to the nature of how tcp and udp generally works, source ports are ephemeral (semi-random port number >1023 as @Mohammed al Baqari mentioned) so we very seldom have an ACL or other rule that restricts source port numbers.

 

Generally when using packet-tracer I just use 1234 as my source port unless I have a specific reason to use a specific port (very very rarely in real life).

0 Helpful

Manu Shankar
Level 1
Level 1
In response to Marvin Rhoads

‎11-14-2018 03:14 AM

Thank you Mohammed and Marvin.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card