Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1278
Views
0
Helpful
5
Replies

Port 5901 - Alternate Port?

rpolanaroo
Level 1
Level 1

‎08-19-2011 05:34 PM - edited ‎03-11-2019 02:14 PM

With the Cisco ASA-5505, is there a more secure port that can be configured for VNC other than 5901? I am new to Firewalls in general so any detailed assistance would be greatly appreciated. We have a User who has requested that 5901 be opened but I was advised not to do so for security concerns.

I am fairly familar with the GUI but no command line experience.

Thank you,

Ron

Labels:
0 Helpful
5 Replies 5

Jennifer Halim
Cisco Employee
Cisco Employee

‎08-19-2011 06:21 PM

You could easily configure static PAT for the VNC traffic. Basically the user can connect to a different port than 5901 and the ASA can be configured to static PAT it back to 5901. So the ports that you would need to open on the ASA would be the port that the user is trying to connect to.

0 Helpful

rpolanaroo
Level 1
Level 1
In response to Jennifer Halim

‎08-19-2011 07:09 PM

Jennifer, you're a life saver. How would I go about this? Would you be able (and this is ALLOT to ask) to provide me with some screen shots?

Thank you so much. I am scheduled for some classes and cannot wait to sink my teeth into them!

Thanks,

Ron

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to rpolanaroo

‎08-19-2011 07:30 PM

Sure can...

Which version of ASA are you running?

0 Helpful

rpolanaroo
Level 1
Level 1
In response to Jennifer Halim

‎08-19-2011 07:53 PM

First of all, THANK YOU. I don't know you from a hole in the wall but would that I could I'd see to that you got the rest of the year off with unlimited use of the Cisco Lear!

The version information is unfortunately at work, but it was purchased a year ago and no firmware updates have been installed.

However, many months ago I saw a post addressing the same issue I had at the time and you provided him (her?) with a screen capture with the following date/time stamp: Jan 13, 2011 7:49 PM (in response to noctech73)

The GUI is identical. Just found the url:

https://supportforums.cisco.com/thread/2062122

I also recently downloaded a backup of the configuration. Is there anything within there that can help you?

Thank you very much!

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to rpolanaroo

‎08-19-2011 08:02 PM

LOL, I wish i have the rest of the year off

Great, back up copy would help, and I can give you the command line that you can just copy and paste into the configuration. Just let me know the internal IP Address of the VNC server, what IP Address you would like to NAT it to, as well as what other ports you would like the user to use when connecting from the internet.

You can just private message me the backup copy of the config instead of posting it on the forum. Let me know once you've forwarded, and i'll check it out for you. Cheers.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card