• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 917
  • Last Modified:

NOrtel Contivity 1010 -open port

I need to open a port. I am in the menu but there is no  port open etc ... can anyone walk me through this. Its port 443 by the way.


Thanks
0
tmandu
Asked:
tmandu
  • 4
  • 4
1 Solution
 
HeavyWaterLTDCommented:
If you are not running a firewall you have to create and apply a new "contivity interface filter"

Check your public interface to see what filter it is currently running. It's most likely "default-contivity filter" which only allows inbound IPSEC. You can create and edit filters I believe under: profiles -> filters. just copy the default filter and allow port 443 on top.
0
 
tmanduAuthor Commented:
our firewall is the contivity .. so do i do the contivity interface a filter .

I have no clue where to start what is it under ?
System
servgices
Routing ??
0
 
HeavyWaterLTDCommented:
by default the contivity boxes are secured by contivity interface filters which are much like cisco access-lists. If you bought additional firewall license you have a stateful firewall running on your box.

If you have the firewall look under services -> FIREWALL/NAT
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
tmanduAuthor Commented:
Yes I have the contivity firewall..So now how can I open a port >

Thx
0
 
HeavyWaterLTDCommented:
If you have the Stateful firewall installed there should be a button in FIREWALL>NAT page which will launch a gui tool. Here you can create hosts/networks and insert rules as needed: Make the rule something like.....

Action: PERMIT
source: ANY
destination: "your HTTPS server host"
destination port: 443 or HTTPS

and you can leave other parameters at "ANY." You may have to create custom objects on your own during this process like your server.....  Make sure to put this rule in at the top of your list.
____________________________

If your box is running the "interface filter" instead of the stateful firewall you need to edit your default interface filter.....

you do this in PROFILES>FILTERS

select "Deny All" filter from the Contivity Interface Filters sections. You can edit this default rule and insert a similar rule to the above. You'll have to go through various pages to create new host etc..... remember when you create a host here with a specified IP address use wildcard bits instead of subnet mask. (eg.... host 1.1.1.1/0.0.0.0). Again after you create the rule make sure the rule appears on the very top of the "deny all" filter.

0
 
tmanduAuthor Commented:
Under the GUI is it INterface specific   of IMplied ??
0
 
HeavyWaterLTDCommented:
i don't specifically recall the details of the GUI interface but your should create a specific rule. Implied rules should have some default rules that allows normal ipsec functionality of the box(probably not a good idea to touch these rules).
0
 
tmanduAuthor Commented:
Hey, I have to OPEN  port 443 for ADP transmission. I am in the NAT FIREwall.
 

 
I added the second rule. under the TCP/ADP icon i putin port 443 , then ACCEPT.
Do i have to have anything under DESTIINATION ( in yellow) like ADPS IP address, or am I looking at this the wrong way ?
 
Also do I have to do anything in the SOURCE INTERFACE RULES. ALso shoudl this new rule be first ???
 
Thanks - I think I'm almost there.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now