08-24-2020 09:11 AM
No ACL has been configured but a lot of the ports have been scanned and are found to be blocked. See excerpt below.
I believe if you don't configure any ACL, all ports should be open by default. Is there any relevant documentation that lists all the ports being blocked by default?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RESULTS:
Some of the ports filtered by the firewall are: 20, 21, 22, 23, 25, 53, 80, 111, 135, 443.
Listed below are the ports filtered by the firewall.
No response has been received when any of these ports are probed.
1,6,8-11,13-14,27,30-31,33,38-39,41,43-44,46-47,52,54-55,61,64,68,72,
76-77,79-81,83,88,94,97,101,104,106,113-114,117,120-122,124,127-128,131,
135,137,139,143-144,146,149-151,159,161,171-173,176,178-179,181-182,184-185,
187,193,196,200,202,204,206-207,217,225,228-229,233-234,244,246,253-256,
260,262,264,266,272-273,278,293,297-298,305,307-310,313,315,317-318,320-322,
332,334,339,342,344,346,348,352-353,356,359,362,366,369,374,377,380,385-386,
391-392,394-396,401-402,406,410,412,416-417,426-427,431,434,442,454,456,
458-459,463,465-467,470,474-475,480,483-484,486,488,490-492,495-496,498,
504,506-509,511,515,517-518,522,528,531-532,534-536,538,540, and more.
08-24-2020 03:02 PM
Sorry for the confusion. The statement below came from the scan results by the customer. It doesn’t mean that there is a firewall in between them and the switch. They just assumed as such because ports are being blocked by the switch.
“Some of the ports filtered by the firewall are: 20, 21, 22, 23, 25, 53, 80, 111, 135, 443.
Listed below are the ports filtered by the firewall.”
I have checked both from the CLI using show configuration acl and from the GUI; there is no ACL configured.
08-24-2020 12:19 PM
KG,
I would not expect Extreme XOS switches to block any ports unless they are configured to do so. Also, in your post you say “Some of the ports filtered by the firewall are: 20, 21, 22, 23, 25, 53, 80, 111, 135, 443.
Listed below are the ports filtered by the firewall.”
I would expect a firewall to block all ports that it is not configured to allow.