Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2161
Views
0
Helpful
2
Replies

Can asdm-5505 allow apple bonjour protocol through VPN

danpenforreal
Level 1
Level 1

‎10-28-2011 09:38 PM - edited ‎03-04-2019 02:05 PM

Hi Everybody,

I am trying to use the apple finder/application to view all my apple mac-mini computers.  I do have two asdm-5505 connected via a vpn tunnel.

At this point I can view only the computers on the local subnets. I called AppleCare and they gave some possible ports that can be opened in the firewall to allow the Bonjour protocol to pass through the ASDM:ports 5297/tcp, 5298/tcp-udp, 5353/udp, and 5354/tcp

I would really appreciate if anyone of you can help with this problem.  I am not sure if this is possible at all.  Thank you in advance for all your help.

Bonjour is the equivalent of Microsoft Netbeui used in Windows to browse the local subnet computers using Network Place desktop icon.

Labels:
0 Helpful
2 Replies 2

vipinrajrc
Level 3
Level 3

‎10-28-2011 10:03 PM

Hi,

Are you trying to view a remote location computers?

Could you please specify what do you mean by two asdm-5505 ?

If you want to open these ports from outside interface

Login to the ASDM,

Then Configuration --> Global object --> Service Groups --> Then create two deifferent TCp and UDP service group with all the needed port numbers.

Then Go to security policy --> Add --> Add access rule --> then put from source your subnet --> destination the inside network --> service --> put the service group just created.

If it is a latest version of ASDM . it is having a GUI tool called packet tracer.  From this you can check the working of the rule.

Hope this Helpful

Thanks

Vipin

Thanks and Regards, Vipin
0 Helpful

danpenforreal
Level 1
Level 1
In response to vipinrajrc

‎10-29-2011 06:07 PM

Hi Vipin,

Thank you so much for helping out!!  I have the 2 ASA 5505 Cisco Firewalls, on different locations connecting through a Site-to-Site VPN Tunnel.  And, yes, I am trying to view the remote computers on each side.

I am dealing with an Apple environroment using the Finder (the equivalent of Windows Explorer) to browse the computers on my local subnet.  I would like to see the other computers on the Subnet of the remote Firewall.

I suspect the Bonjour protocol is not being commuicated across the VPN Turnnel by the Firewalls.  I know Routers

do not pass broadcast. so maybe that what is going on?  I do believe Bonjour has a wide-area service discovery.

I do remember reading something about DHCP Help, in Cisco Routers,  to  activate DHCP Relay.....I am not really sure.

Anyway, maybe is just a matter of opening those ports on the firewall.  I will keep in touch.  Thanks again for your response.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card