cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
151825
Views
113
Helpful
12
Replies

how do we check for open ports on a router ?

zaqtivi
Level 1
Level 1

how can we view all the open ports on a router (if your sourcing from an outside IP) ?

can we view open ports by using 'show' commands ?

thanks.

1 Accepted Solution

Accepted Solutions

leighharrison
Level 7
Level 7

Hi there,

I can't remember the command off the top of my head, but try something along the lines of:-

"show ip socket" or

"show ip tcp brief" or "show tcp brief"

Not too sure which one it is, but one of them will give you a good idea. Failing that - grab a port scanner, there is a great one called "the dude" and another good one called nmap. Pop them into google.

Hope that helps,

LH

Please rate all posts

View solution in original post

12 Replies 12

All ports are open, by default, on a router. If you aren't blocking any ports with an ACL then you can safely assume all ports are open.

HTH

Sundar

Do you mean all ports the router would accept connections on? Connections directed to the router? Usually port 23 for telnet and 80 for HTTP access....

I don't know if this answer your question. In case you mean what ports are allowed, if you have inspection enabled everything from outside will be denied unless you allow them by an ACL on the outside interface.

Hope the above could help,

Please rete if Icould help,

Hi,

Even if you had CBAC (inspection) configured on the router you would have to apply an ACL on the outside interface to block everything coming in. The router would inspect all the traffic from inside and create dynamic ACE(s) in the ACL, applied on the outside interface, for the return traffic to be allowed back to the inside host.

HTH

Sundar

leighharrison
Level 7
Level 7

Hi there,

I can't remember the command off the top of my head, but try something along the lines of:-

"show ip socket" or

"show ip tcp brief" or "show tcp brief"

Not too sure which one it is, but one of them will give you a good idea. Failing that - grab a port scanner, there is a great one called "the dude" and another good one called nmap. Pop them into google.

Hope that helps,

LH

Please rate all posts

exactly "show ip sockets"

tks!

show ip ports all 

Hi there,

 

I have issue with sending email out  from my network.

 

Email setting on host:

 

smtp server name : smtp.gmail.com

smtp port number : 465

 

 

How do i check whether smtp port 465 is opend in cisco router ?

 

Router model is 3925.

 

Thank you.

 

The command is actually 'show control-plane host open-ports' (listed in an answer below).

 

That should be pinned as the answer. 

 

Ty. 

Hello,

 

I don't remember the exact date, but 12.4(4)T, the release where the command 'show control-plane host open-ports' was introduced, might not have been around at the time this question was posted (2006). At the time, this would have been more or less the latest release, so chances are many devices were not running it yet.

minumathur
Level 1
Level 1

Hi

I think, you can try " show ip nbar port-map " command, this will give you list of tcp and udp ports, this command support certain router.

Please rate this post.

-minu mathur

when you use ip helpe address method, then following UDP ports are by defaul open

1) TFTP-69

2) DNS-53

3) Time-37

4) Netbios name services-137

5)Netbious datagram services-138

6)BOOTP server-67

7)Bootp client-68

8) Tacacs-49

Please rate this post

marstoyanoff
Level 1
Level 1

Here is your answer:

show control-plane host open-ports

 

HTH,

MS

The show IP socket would give you more insight of what you need.

Please do not hesitate to click the STAR button if you are satisfied with my answer.
Review Cisco Networking for a $25 gift card