Solved

Open/Blocked ports on HP 2910al switch

Posted on 2014-01-28
6
475 Views
Last Modified: 2014-03-01
As above really.  

We have a CIsco ASA 5505 Firewall going to our HP 2910al L3 switch which is the DGW for our 2x vlans (voice & data).
We have issues around ringing tones (mainly external calls) when using a shoretel softphone and also at a remote site with a shoretel v90 switch over a cisco VPN (again not ringing, but internal calls do ring).
I'd like to know if there is a way in which to check open/blocked ports?

UDP 2427 MGCP
UDP 5004 RTP


Thanks
0
Comment
Question by:CHI-LTD
  • 4
  • 2
6 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 39815461
Your ASA config should show which ports are being allowed through it.

From the command line you can also do:

show asp table socket

It will show what port's the firewall is listening.

Then again, if this traffic is going over a vpn, you want to check your accesslists to see if your firewall is restricting vpn traffic based on port level. Most implementation don't get that granular, and encrypt traffic based on source/destination subnets or hosts.
0
 
LVL 1

Assisted Solution

by:CHI-LTD
CHI-LTD earned 0 total points
ID: 39815473
what about at hp switch level?

2910al poe
v1910
0
 
LVL 26

Assisted Solution

by:Soulja
Soulja earned 500 total points
ID: 39815564
I would think the switches would not be blocking specific ports.

On the hp:
sh access-list


I am not familiar with the shortel, but would think it would not be blocking ports since it's most likely a l2 only switch.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:CHI-LTD
ID: 39817543
ringtone is fine on devices local to vlan20, just fails for remote connections and local devices on vlan1...
assume cisco could be at fault?
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39817798
not familiar with cisco, bnut here are the results:


Protocol  Socket    Local Address               Foreign Address         State
SSL       0003680f  172.19.10.15:8443           0.0.0.0:*               LISTEN
SSL       00053d3f  wan IP1:8443           0.0.0.0:*               LISTEN
TCP       00072f3f  172.19.10.15:22             0.0.0.0:*               LISTEN
TCP       0009acaf  wan IP1:22             0.0.0.0:*               LISTEN
SSL       000ac1ef  172.19.10.15:444            0.0.0.0:*               LISTEN
DTLS      000cc19f  172.19.10.15:443            0.0.0.0:*               LISTEN
TCP       bf6f6ea8  wan IP1:22             wan ip2:62343    ESTAB
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 39897005
been escalated to Shoretel US so see what they say..
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
New Aruba 2930f switches in lab.  Do they need to be configured to work? 21 148
Best sims for HP switches 4 43
DHCP Failover Relationship caveats 6 108
HSRP needed? 4 52
The point of this post is to give you a copy/paste installation solution to setting up Asterisk 1.6 on Ubuntu 9.04 (or similar) server. # Setup the system apt-get install subversion apt-get install make apt-get install linux-source kernel-p…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question