ArubaOS and Controllers

Reply
Frequent Contributor I
Posts: 67
Registered: ‎01-06-2011

tcp ports open on 620 controller 5.0.2.1

When I scan my 620 controller with code 5.0.2.1 using nmap these are the ports that is shows are open. Can anyone explain what each of them is for and If I need them to be open? They are only campus aps connected to the 620.

Here is the nmap result:


Not shown: 989 filtered ports

PORT STATE SERVICE
17/tcp open qotd
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp open https
1723/tcp open pptp
4343/tcp open unicall
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8088/tcp open unknown
8888/tcp open sun-answerbook
Occasional Contributor I
Posts: 7
Registered: ‎06-10-2011

Re: tcp ports open on 620 controller 5.0.2.1


When I scan my 620 controller with code 5.0.2.1 using nmap these are the ports that is shows are open. Can anyone explain what each of them is for and If I need them to be open? They are only campus aps connected to the 620.

Here is the nmap result:


Not shown: 989 filtered ports

PORT STATE SERVICE
17/tcp open qotd
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp open https
1723/tcp open pptp
4343/tcp open unicall
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8088/tcp open unknown
8888/tcp open sun-answerbook




I don't know all of the ports listed above, but here are the ones I'm pretty sure of...

21/tcp ftping new images to controller?
22/tcp ssh management
80/tcp http redirection to web management interface (4343)
443/tcp https redirection to web management interface (4343)
4343/tcp web management interface
8080/tcp destination nat for captive portal
8081/tcp destination nat for captive portal
8088/tcp destination nat for captive portal
8888/tcp destination nat for captive portal

I guess the ports that are required are the services you wish to run on them.
Not going to use Web Admin? Strike 80, 443, 4343.
Not using CP? Strike 8080, 8081, 8088, 8888.

You can modify the many of firewall policies to block access to the ports. I think you may need the the firewall license though.

Hope this helps,
Tim
Frequent Contributor I
Posts: 67
Registered: ‎01-06-2011

Re: tcp ports open on 620 controller 5.0.2.1

Cool thanks! That helps a ton, now to figure out what tcp 17 and 1723 does? I searched the knowledgebase and this forum and couldn't find anything that referenced it...
Guru Elite
Posts: 20,422
Registered: ‎03-29-2007

Re: tcp ports open on 620 controller 5.0.2.1

17 qotd required for Nortel Contivity Clients
1723 pptp VPN connections


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 67
Registered: ‎01-06-2011

Re: tcp ports open on 620 controller 5.0.2.1

awesome thanks!
Search Airheads
Showing results for 
Search instead for 
Did you mean: