[c-nsp] Port 1720 & 1863
abs
abhishake00 at yahoo.com
Tue Dec 22 17:16:32 EST 2009
Hello all,
I am new to Cisco (Cisco 2800 series), so please excuse my ignorance. I have the following ACL applied to all inbound traffic on the WAN interface:

ip access-list extended WANInBoundACL
 permit udp any range bootps bootpc any range bootps bootpc
 permit tcp any any established
 permit udp any eq domain any
 permit tcp any any eq 22
 deny ip any any log

When I run a port scan I see port 1720 as well as port 1863 open. Port 1863 tends to open and close at random (I don't understand why). I realize that I may need to add an explicit entry in the ACL for port 1720, as the service runs by default given the version of IOS that I am running.
What I am failing to understand is why the above 2 ports are open even though I have a deny all statement at the end of the ACL. Am I misunderstanding something? Would someone be able to point me in the right direction? Thank you in advance.
cheers,
abs
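
Added example (not part of the original post): a first-match walk through the ACL as posted, showing which entry decides the fate of a given inbound packet. It models only entry matching (protocol, ports, and the ACK/RST test behind "established"); the Packet class, the evaluate function and the sample packets are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str                      # "tcp" or "udp"
    sport: int
    dport: int
    flags: frozenset = frozenset()  # TCP flags set on the segment

# Entries in the order posted; IOS keywords bootps=67, bootpc=68, domain=53.
WAN_INBOUND_ACL = [
    ("permit udp any range bootps bootpc any range bootps bootpc", "permit",
     lambda p: p.proto == "udp" and 67 <= p.sport <= 68 and 67 <= p.dport <= 68),
    # 'established' matches TCP segments that have ACK or RST set.
    ("permit tcp any any established", "permit",
     lambda p: p.proto == "tcp" and bool(p.flags & {"ACK", "RST"})),
    # 'eq domain' sits in the source position, so it tests the source port.
    ("permit udp any eq domain any", "permit",
     lambda p: p.proto == "udp" and p.sport == 53),
    ("permit tcp any any eq 22", "permit",
     lambda p: p.proto == "tcp" and p.dport == 22),
    ("deny ip any any log", "deny", lambda p: True),
]

def evaluate(packet):
    """Return (action, ACL line) for the first entry the packet matches."""
    for line, action, match in WAN_INBOUND_ACL:
        if match(packet):
            return action, line
    return "deny", "(implicit deny)"

# Constructed sample packets, not captured traffic.
SAMPLES = {
    "new connection to 1720": Packet("tcp", 40000, 1720, frozenset({"SYN"})),
    "new connection to 1863": Packet("tcp", 40001, 1863, frozenset({"SYN"})),
    "new connection to 22": Packet("tcp", 40002, 22, frozenset({"SYN"})),
    "reply to outbound web session": Packet("tcp", 80, 51000, frozenset({"ACK"})),
    "DNS response": Packet("udp", 53, 33000),
    "DHCP server to client": Packet("udp", 67, 68),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        action, line = evaluate(pkt)
        print(f"{name:30} {action:6} <- {line}")
```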