Local ports and protocols – Cisco ASA 5505 User Manual

Page 1896

B-14

Cisco ASA 5500 Series Configuration Guide using the CLI

Appendix B Addresses, Protocols, and Ports

Local Ports and Protocols

Table B-8

lists the protocols, TCP ports, and UDP ports that the ASA may open to process traffic

destined to the ASA. Unless you enable the features and services listed in

Table B-8

, the ASA does not

open any local protocols or any TCP or UDP ports. You must configure a feature or service for the ASA
to open the default listening protocol or port. In many cases you can configure ports other than the
default port when you enable a feature or service.

tftp

UDP

Trivial File Transfer Protocol

time

UDP

Time

uucp

TCP

540

UNIX-to-UNIX Copy Program

who

UDP

513

Who

whois

TCP

Who Is

www

TCP

World Wide Web

xdmcp

UDP

177

X Display Manager Control Protocol

Table B-7

Port Literal Values (continued)

Literal

TCP or UDP? Value

Description

Table B-8

Protocols and Ports Opened by Features and Services

Feature or Service

Protocol

Port Number

Comments

DHCP

UDP

67,68

—

Failover Control

105

N/A

—

HTTP

TCP

—

HTTPS

TCP

443

—

ICMP

N/A

—

IGMP

N/A

Protocol only open on destination IP
address 224.0.0.1

ISAKMP/IKE

UDP

500

Configurable.

IPsec (ESP)

N/A

—

IPsec over UDP
(NAT-T)

UDP

4500

—

IPsec over UDP
(Cisco VPN 3000
Series compatible)

UDP

10000

Configurable.

IPsec over TCP
(CTCP)

TCP

—

No default port is used. You must specify
the port number when configuring IPsec
over TCP.

NTP

UDP

123

—

OSPF

N/A

Protocol only open on destination IP
address 224.0.0.5 and 224.0.0.6

This manual is related to the following products:

ASA 5585-X ASA 5555-X ASA 5545-X ASA 5525-X ASA 5515-X ASA 5512-X ASA 5580 ASA 5550 ASA 5540 ASA 5520 ASA 5510 ASA 5500 Series