Open ports 8010,8015 and 8020 on a Cisco C1111-4P.

Stephanhup
Level 1

Open ports 8010,8015 and 8020 on a Cisco C1111-4P.
Does anyone know how I can shut these open ports down?

With NMAP I see that the ports are open from the outside.


M02@rt37
VIP

Hello @Stephanhup 

Do an ACL but be sure these ports are not necessary.

ip access-list extended WAN_IN
deny tcp any any eq 8010

Repeat this for ports 8015 and 8020 as needed.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Thank you for your information. I have, but the port still says open. I have it with multiple Cisco C1111-4P, like 200 of them.
I have forwarded the port to an unknown (not configured) IP address as a test, but it still says the port is up.

See the screencap

 

Is this device doing any NAT?

As I suggested, it is best to deploy an ACL to deny those ports to secure the router.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Yes, I have, on the Dialer.

interface Dialer1
ip access-group Public_ACL in

ip access-list extended Public_ACL
1 deny tcp any any eq 8010 log
2 deny tcp any any eq 8015 log
3 deny tcp any any eq 8020 log

balaji.bandi
Hall of Fame

Depends on what services are running on the router, and where this router is located in the network and its role?

Best is to put an ACL on the outside interface, so the device will be secured from Internet access.

 

BB


#show run | i service
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers

Stephanhup
Level 1

Thank you all for your comments. I found the problem. All tests, from multiple WAN connections, went through a Fortigate firewall. This performed packet inspection; I think it has shown the ports as open because of the inspection. We tested it with more different routers and they said the port was closed.
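
The resolution above, where the reported port state depended on the path the scan took, can be checked by diffing nmap grepable (`-oG`) output for the same router from two vantage points. This is an added example, not part of the original thread; the address, the scan lines and the function names `parse_grepable` and `path_dependent_ports` are constructed for illustration.

```python
import re

# Constructed sample data: nmap -oG "Ports:" lines for the same router
# (documentation address) scanned over two different paths.
VIA_INSPECTING_FIREWALL = (
    "Host: 203.0.113.10 ()\tStatus: Up\n"
    "Host: 203.0.113.10 ()\tPorts: 22/filtered/tcp//ssh///, "
    "8010/open/tcp//unknown///, 8015/open/tcp//unknown///, "
    "8020/open/tcp//unknown///\n"
)
DIRECT_PATH = (
    "Host: 203.0.113.10 ()\tStatus: Up\n"
    "Host: 203.0.113.10 ()\tPorts: 22/filtered/tcp//ssh///, "
    "8010/closed/tcp//unknown///, 8015/closed/tcp//unknown///, "
    "8020/closed/tcp//unknown///\n"
)

# Each port entry is port/state/protocol/owner/service/...; only the
# first three fields are needed here.
PORT_RE = re.compile(r"(\d+)/([a-z|-]+)/(tcp|udp)/")


def parse_grepable(text):
    """Return {(host, port, proto): state} from nmap -oG output."""
    results = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: (.*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no ports
        host, ports = m.groups()
        ports = ports.split("\t")[0]  # drop trailing "Ignored State:" field
        for port, state, proto in PORT_RE.findall(ports):
            results[(host, int(port), proto)] = state
    return results


def path_dependent_ports(scans):
    """scans maps a vantage-point name to -oG text.

    Returns the ports whose state is not the same from every vantage
    point, which points at a device on the path answering the probes
    rather than the scanned router itself.
    """
    parsed = {name: parse_grepable(text) for name, text in scans.items()}
    differing = {}
    for key in sorted(set().union(*parsed.values())):
        states = {n: p.get(key, "not-scanned") for n, p in parsed.items()}
        if len(set(states.values())) > 1:
            differing[key] = states
    return differing
```
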

Hello @Stephanhup 

Thanks for your feedback

Best regards