CTC TCP/UDP Ports numbers

chris-hart
Level 1

Does anyone know the TCP/UDP port numbers that have to be opened up when using NAT? This is what I have:

CTC PC >>>>>>>>>>> ROUTER >>>>>>>>>>>ONS15454

The CTC PC and the ONS are on different IP networks, so I'm using the router to translate from one to the other with NAT, and configured the ONS15454 to use SOCKS.

I used to have a document that explained this but I've lost it.

Thanks

Chris

1 Accepted Solution

mayfwh
Cisco Employee

Hi Chris.

I see you already have provisioned the node for SOCKS Proxy. If you want to be able to still have IP connectivity (for ping or telnet) to the ENEs, then enable the SOCKS Proxy Only option. The SOCKS Proxy needs to be provisioned on the LAN-connected 15454 at the very least. You can also go to the CTC drop-down menu: Edit -> Preferences -> Firewall and change the port from being variable to static default. That will further restrict the ports that are used by CTC. This should resolve any intermittent connectivity issues in CTC if they are being caused by a firewall.

www.cisco.com/en/US/docs/optical/15000r9_1/15454/sonet/reference/guide/454a91_nwconnectivity.html#wp42216

"If you launch CTC against a node through a Network Address Translation (NAT) or Port Address Translation (PAT) router and that node does not have proxy enabled, your CTC session starts and initially appears to be fine. However, CTC never receives alarm updates and disconnects and reconnects every two minutes. If the proxy is accidentally disabled, it is still possible to enable the proxy during a reconnect cycle and recover your ability to manage the node, even through a NAT/PAT firewall."

Lastly, to answer your question directly, below is a link to the list:

www.cisco.com/en/US/docs/optical/15000r9_1/15454/sonet/reference/guide/454a91_nwconnectivity.html#wp59962

Table 14-6 Ports Used by the TCC2/TCC2P

Thanks,

Will

Thanks Will, that's the document I lost before, just trying to set up a small 2 Node lab with some spare kit 32 WSS, 32DMX etc but I don't want all the Catalyst Switches etc I'm using for the multishelf config to be visible from the network.

Just an update for anyone interested, I configured the shelf connected to the router as proxy-socks then opened up the following TCP ports: 80, 443 and 1080.

This is the config on the router:

    ! PAT for the 192.168.235.0/24 hosts matched by route-map nat_map
    ip nat inside source route-map nat_map interface FastEthernet0/0 overload
    ! Static TCP forwards to the shelf at 192.168.235.60: ports 80, 443 and 1080
    ip nat inside source static tcp 192.168.235.60 80 10.202.53.150 80 extendable
    ip nat inside source static tcp 192.168.235.60 443 10.202.53.150 443 extendable
    ip nat inside source static tcp 192.168.235.60 1080 10.202.53.150 1080 extendable
    !
    access-list 100 permit ip 192.168.235.0 0.0.0.255 any
    route-map nat_map permit 10
     match ip address 100

It works fine :-)
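An added example, not part of the original posts: a small audit of the static NAT lines in a router config like the one above, which confirms that only the three TCP ports from the thread are forwarded and only to the SOCKS-proxy shelf. The function name `audit_nat`, the finding strings and the extra Telnet line are assumptions made for illustration.

```python
import re

# TCP ports the poster forwarded to the SOCKS-proxy shelf.
EXPECTED_PORTS = {80, 443, 1080}
IP = r"(\d+\.\d+\.\d+\.\d+)"
# ip nat inside source static tcp|udp <local-ip> <port> <global-ip> <port>
PORT_FWD = re.compile(rf"^ip nat inside source static (tcp|udp) {IP} (\d+) {IP} (\d+)\b")
# Static NAT with no protocol or port translates every port on the inside host.
WHOLE_HOST = re.compile(rf"^ip nat inside source static {IP} {IP}\b")


def audit_nat(config_text, proxy_host, expected_ports=EXPECTED_PORTS):
    """Return (forwards, findings) for the static NAT lines of an IOS config."""
    forwards, findings = [], []
    for raw in config_text.splitlines():
        line = " ".join(raw.split())  # normalise whitespace
        m = PORT_FWD.match(line)
        if m:
            proto, local_ip, local_port = m.group(1), m.group(2), int(m.group(3))
            forwards.append((proto, local_ip, local_port))
            if local_ip != proxy_host:
                findings.append(f"forward to non-proxy host: {line}")
            elif proto != "tcp" or local_port not in expected_ports:
                findings.append(f"unexpected port or protocol: {line}")
        elif WHOLE_HOST.match(line):
            findings.append(f"whole-host static NAT: {line}")
    present = {p for proto, ip, p in forwards if proto == "tcp" and ip == proxy_host}
    for port in sorted(set(expected_ports) - present):
        findings.append(f"expected forward missing: tcp/{port}")
    return forwards, findings


# NAT lines as posted in the thread.
THREAD_CONFIG = """\
ip nat inside source route-map nat_map interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.235.60 80 10.202.53.150 80 extendable
ip nat inside source static tcp 192.168.235.60 443 10.202.53.150 443 extendable
ip nat inside source static tcp 192.168.235.60 1080 10.202.53.150 1080 extendable
"""
# Constructed line (not from the thread): a Telnet forward to a made-up switch address.
CONSTRUCTED_EXTRA = "ip nat inside source static tcp 192.168.235.10 23 10.202.53.150 23 extendable\n"

if __name__ == "__main__":
    for text in (THREAD_CONFIG, THREAD_CONFIG + CONSTRUCTED_EXTRA):
        forwards, findings = audit_nat(text, proxy_host="192.168.235.60")
        print(len(forwards), "static forwards;", findings or "no findings")
```

Running it against a saved copy of the router configuration after each change shows whether a new static entry has made a switch or another shelf reachable from the outside network.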
