Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
586
Views
0
Helpful
1
Replies

open port range

m.hostetler
Level 1
Level 1

‎01-17-2008 01:22 PM - edited ‎03-03-2019 08:18 PM

I have an 1841 with IOS 12.4 connected to an isp with a single subnet - I am trying to create and access list for IP phone access to a single internal IP on ports:

5566 tcp

5567 udp

6004-7039 udp

I can nat the first two with static entries but I cannot seem to get the port range to work?

Thank you in advance for any help

Labels:
0 Helpful
1 Reply 1

ebreniz
Level 6
Level 6

‎01-23-2008 09:09 AM

In order to open certain range of TCP or UDP ports on PIX, use the service object group and define it in an ACL or conduit. Refer to this configuration example:

PIX (config)#object-group service tcp

PIX(config-service)#port-object range <1-65535>

PIX (config)#object-group service udp

PIX(config-service)#port-object range <1-65535>

Bind the object-groups with access-lists:

PIX (config)#access-list permit tcp any any object-group

PIX (config)#access-list permit udp any any object-group

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml#serv

0 Helpful
Customers Also Viewed These Support Documents