
Opening ports on site-to-site VPN

Mike Thomas
Level 1

I've got a site-to-site VPN running on a pair of Cisco 5510 firewalls. One end is with me at my primary site and the other several miles away at a datacenter. I'd like to find out which ports are open across the VPN and which are not prior to attempting some installs at the datacenter. Is there an easy way to tell using the ASDM interface? I would also need to know how to open specific ports if I find that they are closed. Thanks in advance for any help!          

1 Reply

Haitham Jaradat
Cisco Employee

There is no direct way; however, check the match ACLs in the crypto map config. Those should show you what traffic is being encrypted. Then check the tunnel group/group policy configuration for any VPN filters applied; if none, the traffic specified in the match ACL is your traffic, assuming no other firewall policies are blocking the traffic (for example, an ACL applied to the inside interface).

Sent from Cisco Technical Support iPhone App
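
The checks described in the reply above, as an added example that is not part of the original thread: a Python script that reads a saved ASA running-config and, for each crypto map entry, lists the match ACL entries (the traffic being encrypted), any `vpn-filter` ACL reached through the tunnel-group's default group policy, and the interface ACL bindings. The sample config, its names and its addresses are constructed, and the parser assumes the site-to-site tunnel-group is named after the peer address.

```python
import re
from collections import defaultdict

# Constructed sample of an ASA running-config (names and addresses are made up).
SAMPLE_CONFIG = """\
access-list VPN-DC extended permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
access-list DC-FILTER extended permit tcp 10.2.0.0 255.255.0.0 10.1.0.0 255.255.0.0 eq 443
access-list INSIDE-IN extended permit ip any any
access-group INSIDE-IN in interface inside
crypto map OUTSIDE-MAP 10 match address VPN-DC
crypto map OUTSIDE-MAP 10 set peer 203.0.113.10
group-policy DC-POLICY internal
group-policy DC-POLICY attributes
 vpn-filter value DC-FILTER
tunnel-group 203.0.113.10 type ipsec-l2l
tunnel-group 203.0.113.10 general-attributes
 default-group-policy DC-POLICY
"""

def audit_tunnels(config):
    """Return (per-tunnel report, interface ACL bindings) for a running-config."""
    acls, maps = defaultdict(list), defaultdict(dict)
    gp_filter, tg_policy, iface_acls, section = {}, {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            section = None  # a top-level line ends any attributes sub-mode
        if m := re.match(r"access-list (\S+) extended (.+)", line):
            acls[m[1]].append(m[2])
        elif m := re.match(r"crypto map (\S+) (\d+) match address (\S+)", line):
            maps[(m[1], m[2])]["acl"] = m[3]
        elif m := re.match(r"crypto map (\S+) (\d+) set peer (\S+)", line):
            maps[(m[1], m[2])]["peer"] = m[3]
        elif m := re.match(r"(group-policy|tunnel-group) (\S+) (?:general-)?attributes", line):
            section = (m[1], m[2])
        elif section and (m := re.match(r"vpn-filter value (\S+)", line)):
            gp_filter[section[1]] = m[1]
        elif section and (m := re.match(r"default-group-policy (\S+)", line)):
            tg_policy[section[1]] = m[1]
        elif m := re.match(r"access-group (\S+) (in|out) interface (\S+)", line):
            iface_acls[(m[3], m[2])] = m[1]
    report = []
    for entry in maps.values():
        peer = entry.get("peer")
        # Assumption: the L2L tunnel-group is named after the peer address.
        flt = gp_filter.get(tg_policy.get(peer))
        report.append({"peer": peer, "encrypted": acls.get(entry.get("acl"), []),
                       "vpn_filter": acls.get(flt) if flt else None})
    return report, iface_acls
```

A `vpn_filter` of `None` means no filter ACL was found for that peer, so the match ACL alone describes the tunnel traffic; the interface bindings returned alongside still have to be reviewed for rules that block it.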
