Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1085
Views
10
Helpful
8
Replies

Port 80 And port 443 Opening on Cisco router

CCIE Aspirant
Level 1
Level 1

‎11-02-2022 06:26 AM

Hi,

we are having tunnel from cisco lte  router to asr at HO router. we have configured static Public IP at spoke router which is hosted by HUB router. the HUB is having route to this ip through tunnel and spoke is sending all the traffic to the hub.

the tunnel is up and we can get internet using static ip at spoke side. the problem is when we check the ports 443 and 80, they are showing us blocked. 

Kindly needs suggestion how to enable these ports. do we need to do some configs on hub or spoke.

we do not have any firewall in this setup.

 

 

8 Replies 8

balaji.bandi
Hall of Fame
Hall of Fame

‎11-02-2022 06:58 AM 

the problem is when we check the ports 443 and 80, they are showing us blocked.

This required more clariry ? where is this Blocked ? spoke side ?

where is the source you testing from  (and come to conclusion its blocked)

do you have any ACL or sample configuration for us to understand and give you some advise based on the input

provide what is source IP - where it located ?

where is the destination IP you think for the port 80/443 blocked ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

CCIE Aspirant
Level 1
Level 1
In response to balaji.bandi

‎11-03-2022 03:12 AM

Hi,

Thanks for the reply @balaji.bandi 

it is being used by at our remote site and it might seems to be blocked at spoke but i am not sure it can be at hub.

i am checking it on port checker website.

there is no acl. it is ipsec tunnel between hub and spoke and static routing.

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to CCIE Aspirant

‎11-03-2022 05:18 AM

check locally works for that ports ? then we need to look some debug and see is the traffic leaving spoke and reached Hub ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

CCIE Aspirant
Level 1
Level 1
In response to balaji.bandi

‎11-03-2022 06:59 AM

can you suggest how we can test locally?

the site is getting internet through the ipsec tunnel. spoke is at site.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to CCIE Aspirant

‎11-03-2022 07:04 AM

I may have missed this information - is this 80 and 443, Server hosted on Hub side ? or is this internet port 80 and 443 ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

CCIE Aspirant
Level 1
Level 1
In response to balaji.bandi

‎11-03-2022 07:11 AM

This is internet Port 80 and port 443 . whenever we check ports 80 and 443 on port checker website for our IP hosted by hub through tunnel, it shows it is blocked. 

0 Helpful

MHM Cisco World
VIP
VIP

‎11-02-2022 07:23 AM

are you use Zone FW in Spoke or Hub ? if Yes do you config Self Zone ?

0 Helpful

CCIE Aspirant
Level 1
Level 1
In response to MHM Cisco World

‎11-03-2022 03:13 AM

@MHM Cisco World  thanks for the reply

no we are not using any fw

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card