And it's not only for RADIUS.
Syslog over TCP has different ports defined in IOS port-map and ASA.
R3(config)#do sh ip port-map | in syslog
Default mapping: syslog udp port 514
system defined
Default mapping: syslog-conn tcp port 601
system defined
ASA1(config)# logging host IN 1.1.1.1 ?
configure mode commands/options:
WORD Enter <protocol/port>, The protocol over which the syslog message is
sent, could be TCP or UDP. The allowable range for ports is 1025
through 65535. The default is port 514 for UDP and 1470 for TCP
What I'm driving at is a pitfall I could run into if I were to inspect RADIUS and
SYSLOG traffic from the ASA with ZFW while relying on the default ports.
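One way to close that gap is to teach the IOS port-map about the ports the ASA actually uses, so that a ZFW class-map matching the application name catches both port sets instead of silently dropping the ASA's traffic. The snippet below is an added illustration, not configuration from this thread; the interface name "IN", the host 1.1.1.1 and the zone/class names are assumed, the user-defined application name is arbitrary (IOS requires it to start with "user-"), and the exact port-map syntax should be checked against the IOS release in use.

```ios
! --- IOS router (ZFW side) ---
! Add the legacy RADIUS ports the ASA may use to the system-defined "radius" application
ip port-map radius port udp 1645 1646
! Syslog over TCP: the ASA defaults to 1470, IOS only knows syslog-conn tcp/601,
! so define a user application for it (user-defined names must begin with "user-")
ip port-map user-syslog-tcp port tcp 1470
!
! Verify what the router will now classify as RADIUS/syslog
do show ip port-map radius
do show ip port-map syslog
do show ip port-map user-syslog-tcp
!
! Reference the applications in the ZFW policy (zone and class names are assumed)
class-map type inspect match-any CM-ASA-MGMT
 match protocol radius
 match protocol syslog
 match protocol user-syslog-tcp
policy-map type inspect PM-ASA-MGMT
 class type inspect CM-ASA-MGMT
  inspect
!
! --- ASA side: be explicit about the ports so the two configs agree ---
logging host IN 1.1.1.1 tcp/1470
```

After applying this, a `show policy-map type inspect zone-pair` session count that stays at zero for the class while the ASA is logging is the quickest sign that a port is still unmapped.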
From: Eugene Pefti
Sent: Sunday, June 10, 2012 12:45 PM
To: CCIE Security
Subject: RADIUS ports in ASA and IOS
It's more of a rhetoric question. I'm a little bit disappointed by the fact
that ASA and IOS developers are not on the same page when defining ports for
RADIUS.
When you ask the router about it, it knows only the new ports:
R3#sh ip port-map | in radius
Default mapping: radius udp port 1812,1813
system defined
ASA on the other hand references older RADIUS ports 1645 and 1646 in their
reference guides:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ref_ports.html#wp1007738
I wonder whether I will lose points if I forget to include both protocol sets?
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com