09-19-2006 12:49 PM - edited 03-03-2019 02:03 PM
how can we view all the open ports on a router (if your sourcing from an outside IP) ?
can we view open ports by using 'show' commands ?
thanks.
Solved! Go to Solution.
09-20-2006 01:35 AM
Hi there,
I can't remember the command off the top of my head, but try something along the lines of:-
"show ip socket" or
"show ip tcp brief" or "show tcp brief"
Not too sure which one it is, but one of them will give you a good idea. Failing that - grab a port scanner, there is a great one called "the dude" and another good one called nmap. Pop them into google.
Hope that helps,
LH
Please rate all posts
09-19-2006 02:46 PM
All ports are open, by default, on a router. If you aren't blocking any ports with an ACL then you can safely assume all ports are open.
HTH
Sundar
09-19-2006 03:04 PM
Do you mean all ports the router would accept connections on? Connections directed to the router? Usually port 23 for telnet and 80 for HTTP access....
I don't know if this answer your question. In case you mean what ports are allowed, if you have inspection enabled everything from outside will be denied unless you allow them by an ACL on the outside interface.
Hope the above could help,
Please rete if Icould help,
09-19-2006 03:26 PM
Hi,
Even if you had CBAC (inspection) configured on the router you would have to apply an ACL on the outside interface to block everything coming in. The router would inspect all the traffic from inside and create dynamic ACE(s) in the ACL, applied on the outside interface, for the return traffic to be allowed back to the inside host.
HTH
Sundar
09-20-2006 01:35 AM
Hi there,
I can't remember the command off the top of my head, but try something along the lines of:-
"show ip socket" or
"show ip tcp brief" or "show tcp brief"
Not too sure which one it is, but one of them will give you a good idea. Failing that - grab a port scanner, there is a great one called "the dude" and another good one called nmap. Pop them into google.
Hope that helps,
LH
Please rate all posts
08-13-2013 01:16 PM
exactly "show ip sockets"
tks!
02-20-2018 05:40 AM
show ip ports all
02-18-2020 01:22 AM
12-06-2020 07:40 AM
The command is actually 'show control-plane host open-ports' (listed in an answer below).
That should be pinned as the answer.
Ty.
12-06-2020 08:53 AM
Hello,
I don't remember the exact date, but 12.4(4)T, the release where the command 'show control-plane host open-ports' was introduced, might not have been around at the time this question was posted (2006). At the time, this would have been more or less the latest release, so chances are many devices were not running it yet.
09-20-2006 01:57 AM
Hi
I think, you can try " show ip nbar port-map " command, this will give you list of tcp and udp ports, this command support certain router.
Please rate this post.
-minu mathur
when you use ip helpe address method, then following UDP ports are by defaul open
1) TFTP-69
2) DNS-53
3) Time-37
4) Netbios name services-137
5)Netbious datagram services-138
6)BOOTP server-67
7)Bootp client-68
8) Tacacs-49
Please rate this post
08-29-2015 11:51 AM
Here is your answer:
show control-plane host open-ports
HTH,
MS
02-18-2020 05:52 AM
The show IP socket would give you more insight of what you need.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide