I use 33434-33534.......... this gives 100 hops......... but 33634 can be used as well for the end-range...
however we need to be sure that the question is asking about IOS traceroute and NOT the regular traceroute..... you would need to allow... icmp-unreach icmp-time exceeded and icmp-echo reply through the firewall.......... the easiest way to know what ports are required is to enable logging console warning on the firewall.. it immediately gives the hint of whats getting blocked by the firewall... at the end dont forget to remove the logging console warning statement :). FNK On Fri, Mar 23, 2012 at 2:44 PM, Eugene Pefti <[email protected]>wrote: > I already know it, Kings, thanks. Just curious if it can be looked up > quickly if I forget. E.g. There's a reference section for protocols and > ports numbers under ASA configuration guide. Didn't find anything in there > for these traceroute ports. > > Sent from iPhone > > On Mar 23, 2012, at 11:22 AM, "Kingsley Charles" < > [email protected]> wrote: > > The range 33434 to 33464. > > With regards > Kings > > On Fri, Mar 23, 2012 at 11:37 PM, Eugene Pefti <[email protected]>wrote: > >> The task asks to explicitly allow traceroutes through the router. We know >> that if it is Unix or IOS then the traceroute requires UDP ports 33434 >> open. One of those numbers to memorize. Different sources say that it's not >> one port but a range and my question is mostly whether we can make do with >> one port or have to specify the range. Where will I look it up on Cisco >> documentation? >> >> Eugene >> Sent from iPhone >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
