Solved

NOrtel Contivity 1010 -open port

Posted on 2006-10-25
8
898 Views
Last Modified: 2011-10-03
I need to open a port. I am in the menu but there is no  port open etc ... can anyone walk me through this. Its port 443 by the way.


Thanks
0
Comment
Question by:tmandu
  • 4
  • 4
8 Comments
 
LVL 2

Expert Comment

by:HeavyWaterLTD
Comment Utility
If you are not running a firewall you have to create and apply a new "contivity interface filter"

Check your public interface to see what filter it is currently running. It's most likely "default-contivity filter" which only allows inbound IPSEC. You can create and edit filters I believe under: profiles -> filters. just copy the default filter and allow port 443 on top.
0
 

Author Comment

by:tmandu
Comment Utility
our firewall is the contivity .. so do i do the contivity interface a filter .

I have no clue where to start what is it under ?
System
servgices
Routing ??
0
 
LVL 2

Expert Comment

by:HeavyWaterLTD
Comment Utility
by default the contivity boxes are secured by contivity interface filters which are much like cisco access-lists. If you bought additional firewall license you have a stateful firewall running on your box.

If you have the firewall look under services -> FIREWALL/NAT
0
 

Author Comment

by:tmandu
Comment Utility
Yes I have the contivity firewall..So now how can I open a port >

Thx
0
Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

 
LVL 2

Expert Comment

by:HeavyWaterLTD
Comment Utility
If you have the Stateful firewall installed there should be a button in FIREWALL>NAT page which will launch a gui tool. Here you can create hosts/networks and insert rules as needed: Make the rule something like.....

Action: PERMIT
source: ANY
destination: "your HTTPS server host"
destination port: 443 or HTTPS

and you can leave other parameters at "ANY." You may have to create custom objects on your own during this process like your server.....  Make sure to put this rule in at the top of your list.
____________________________

If your box is running the "interface filter" instead of the stateful firewall you need to edit your default interface filter.....

you do this in PROFILES>FILTERS

select "Deny All" filter from the Contivity Interface Filters sections. You can edit this default rule and insert a similar rule to the above. You'll have to go through various pages to create new host etc..... remember when you create a host here with a specified IP address use wildcard bits instead of subnet mask. (eg.... host 1.1.1.1/0.0.0.0). Again after you create the rule make sure the rule appears on the very top of the "deny all" filter.

0
 

Author Comment

by:tmandu
Comment Utility
Under the GUI is it INterface specific   of IMplied ??
0
 
LVL 2

Accepted Solution

by:
HeavyWaterLTD earned 500 total points
Comment Utility
i don't specifically recall the details of the GUI interface but your should create a specific rule. Implied rules should have some default rules that allows normal ipsec functionality of the box(probably not a good idea to touch these rules).
0
 

Author Comment

by:tmandu
Comment Utility
Hey, I have to OPEN  port 443 for ADP transmission. I am in the NAT FIREwall.
 

 
I added the second rule. under the TCP/ADP icon i putin port 443 , then ACCEPT.
Do i have to have anything under DESTIINATION ( in yellow) like ADPS IP address, or am I looking at this the wrong way ?
 
Also do I have to do anything in the SOURCE INTERFACE RULES. ALso shoudl this new rule be first ???
 
Thanks - I think I'm almost there.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now