  1. Senior Member mikearama's Avatar
    Join Date
    May 2007
    Location
    Oshawa, Ontario
    Posts
    757

    Certifications
    CCNP, CCSP, CISSP, MCSE
    #1

    Default ACL using tcp port 0?

    I kid you not... got this request yesterday, to open a firewall port for an application that internally uses tcp 0. Haven't seen that in my 12 years in networks.

    Now access to the application is being requested for a partner, so access through some ASAs is required. I would add this kinda ACL:

    access-list acl_BNS ext per tcp 10.9.37.0 255.255.255.128 host 10.60.25.149 eq 0

    I would expect this ACL to error out. Before I try it... anyone else ever had such a request? Will it work?

    Thanks,
    Mike

  3. Senior Member
    Join Date
    May 2009
    Location
    DMV
    Posts
    2,201

    Certifications
    CCNP, CCNP(V), S+ CCIE V(written)
    #2
    Currently Reading

    CUCM SRND 9x/10, UCCX SRND 10x, QOS SRND, SIP Trunking Guide, anything contact center related

  4. Senior Member mikearama's Avatar
    Join Date
    May 2007
    Location
    Oshawa, Ontario
    Posts
    757

    Certifications
    CCNP, CCSP, CISSP, MCSE
    #3
    Good find, sho.

    I had read similar... and that typical TCP stacks will reject anything arriving for tcp/0. And yet, we have it in use in our corporate LAN.

    Still, I think the ASAs, like the MARS appliance in your link, will see tcp/0 as problematic. I'm kinda looking forward to trying it out tonight, just to see what happens.
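Added example, not written by any poster in this thread: a Python sketch of two checks relevant to a tcp/0 request. The first shows that in the standard sockets API, binding to port 0 makes the OS assign an ephemeral port, so it is worth confirming what port an application really listens on; the second flags ACL entries whose TCP port match includes 0. Function names are hypothetical, and every sample ACL line except the first (taken from post #1) is constructed.

```python
import re
import socket


def bound_port_when_asking_for_zero():
    """Bind a loopback TCP listener to port 0; return the port the OS assigned."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))   # port 0 means "pick any free port"
        s.listen(1)
        return s.getsockname()[1]  # the real listening port, never 0


# Numeric port operators only: "eq N" or "range LO HI".
PORT_MATCH = re.compile(r"\b(?:eq\s+(\d+)|range\s+(\d+)\s+(\d+))\b")


def acl_lines_matching_port_zero(config):
    """Return TCP access-list lines whose port match covers port 0."""
    hits = []
    for raw in config.splitlines():
        line = raw.strip()
        if not line.startswith("access-list ") or " tcp " not in line:
            continue
        for m in PORT_MATCH.finditer(line):
            if m.group(1) is not None:
                lo = hi = int(m.group(1))
            else:
                lo, hi = int(m.group(2)), int(m.group(3))
            if lo <= 0 <= hi:
                hits.append(line)
                break
    return hits


# First line is the ACL from post #1; the other two are constructed samples.
SAMPLE_CONFIG = """\
access-list acl_BNS ext per tcp 10.9.37.0 255.255.255.128 host 10.60.25.149 eq 0
access-list acl_BNS ext per tcp 10.9.37.0 255.255.255.128 host 10.60.25.149 eq 443
access-list acl_TEST ext per tcp any host 192.0.2.10 range 0 1023
"""

if __name__ == "__main__":
    print("asked for port 0, OS assigned:", bound_port_when_asking_for_zero())
    for entry in acl_lines_matching_port_zero(SAMPLE_CONFIG):
        print("review:", entry)
```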
