• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 486
  • Last Modified:

Open/Blocked ports on HP 2910al switch

As above really.  

We have a CIsco ASA 5505 Firewall going to our HP 2910al L3 switch which is the DGW for our 2x vlans (voice & data).
We have issues around ringing tones (mainly external calls) when using a shoretel softphone and also at a remote site with a shoretel v90 switch over a cisco VPN (again not ringing, but internal calls do ring).
I'd like to know if there is a way in which to check open/blocked ports?

UDP 2427 MGCP
UDP 5004 RTP


Thanks
0
CHI-LTD
Asked:
CHI-LTD
  • 4
  • 2
3 Solutions
 
SouljaCommented:
Your ASA config should show which ports are being allowed through it.

From the command line you can also do:

show asp table socket

It will show what port's the firewall is listening.

Then again, if this traffic is going over a vpn, you want to check your accesslists to see if your firewall is restricting vpn traffic based on port level. Most implementation don't get that granular, and encrypt traffic based on source/destination subnets or hosts.
0
 
CHI-LTDAuthor Commented:
what about at hp switch level?

2910al poe
v1910
0
 
SouljaCommented:
I would think the switches would not be blocking specific ports.

On the hp:
sh access-list


I am not familiar with the shortel, but would think it would not be blocking ports since it's most likely a l2 only switch.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
CHI-LTDAuthor Commented:
ringtone is fine on devices local to vlan20, just fails for remote connections and local devices on vlan1...
assume cisco could be at fault?
0
 
CHI-LTDAuthor Commented:
not familiar with cisco, bnut here are the results:


Protocol  Socket    Local Address               Foreign Address         State
SSL       0003680f  172.19.10.15:8443           0.0.0.0:*               LISTEN
SSL       00053d3f  wan IP1:8443           0.0.0.0:*               LISTEN
TCP       00072f3f  172.19.10.15:22             0.0.0.0:*               LISTEN
TCP       0009acaf  wan IP1:22             0.0.0.0:*               LISTEN
SSL       000ac1ef  172.19.10.15:444            0.0.0.0:*               LISTEN
DTLS      000cc19f  172.19.10.15:443            0.0.0.0:*               LISTEN
TCP       bf6f6ea8  wan IP1:22             wan ip2:62343    ESTAB
0
 
CHI-LTDAuthor Commented:
been escalated to Shoretel US so see what they say..
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now