Can I close the ports or change the port number of the opened ports on PacketShaper?

Solution

Overview

PacketShaper uses the following ports:

  • Port 80 for web access of PacketShaper
  • Port 23 for Telnet access of PacketShaper
  • Port 21 for FTP access of PacketShaper
  • Port 7 for or TCP echo

In PacketWise v6.0 and above, the following ports are also open:

  • Port 22 for secure CLI access of PacketShaper (SSH)
  • Port 443 for secure web access of PacketShaper (HTTPS)
Cause
Resolution

You cannot change the port number because they are hard coded in the PacketWise software.

To close a port:

  1. Create a child class of localhost, specifying the port number you want to close.
  2. Apply a discard policy.
  3. Make sure traffic shaping is turned on.

If you close all ports, the console port will be the only way to access PacketShaper.

Note: The technique described above will not work if you try to access PacketShaper from the Inside network or through PacketShaper's Inside interface. This is because policies are not enforced on the Localhost class if the hosts are coming from the Inside, so they cannot block access from the internal hosts.

In PacketWise v7.3 and higher:

Starting in v7.3, PacketWise offers a different approach. You can disable specific access services to a PacketShaper. For example, you can disable access via non-secure protocols (for example, HTTP and Telnet) and allow access to your PacketShaper via secure protocols (HTTPS, SSH) only. If you disable all access methods, you will only be able to access the unit via a direct console connection.

To disable access via certain protocols:

  1. Click the setup tab.
  2. From the Choose Setup Page list, select security
  3. Locate the Unit Access section. By default, all services are enabled, allowing you to access the unit by all available secure and nonsecure protocols.
  4. Click the checkboxes of the service protocols you want to disable.
  5. Click apply changes to update the settings.

 

Workaround
Additional Information
Bug Number
InQuira Doc IdKB2163
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat