ArubaOS and Controllers

Reply
New Contributor

Why are these TCP ports listening?

I'm working on locking down management access to the controller (5.0.0.0). I found another thread which told how to do it, but after locking down ssh and https I ran an nmap against the controller and found the following ports listening:

Starting Nmap 5.00 ( http://nmap.org ) at 2010-07-01 13:31 EDT
Interesting ports on 192.168.1.2:
Not shown: 982 filtered ports
PORT STATE SERVICE
17/tcp open qotd
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
80/tcp open http
389/tcp closed ldap
443/tcp open https
636/tcp closed ldapssl
1723/tcp open pptp
2323/tcp closed unknown
4343/tcp open unicall
5080/tcp closed unknown
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8082/tcp closed blackice-alerts
8083/tcp closed unknown
8088/tcp open unknown
8888/tcp open sun-answerbook

Which of these are safe to block, and which ones should be left open?

Thanks!

Dan
New Contributor

Re: Why are these TCP ports listening?

tcp/4343 is used for the WebUI.

Make sure you scan UDP ports as well. To make sure APs can operate, you'll need at least ntp, syslog, tftp, and 8211. And don't block GRE.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: