Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 45 Configuring Inspection of Database and Directory Protocols

Sun RPC Inspection

sunrpc-server inside 192.168.100.2 255.255.255.255 service 100003 protocol UDP port 111 timeout 0:30:00
sunrpc-server inside 192.168.100.2 255.255.255.255 service 100005 protocol UDP port 111 timeout 0:30:00

This output shows that a timeout interval of 30 minutes is configured on UDP port 111 for the Sun RPC
server with the IP address 192.168.100.2 on the inside interface.

To display the pinholes open for Sun RPC services, enter the show sunrpc-server active command. The
following is sample output from the show sunrpc-server active command:

hostname# show sunrpc-server active
   LOCAL              FOREIGN               SERVICE  TIMEOUT
   -----------------------------------------------
1  209.165.200.5/0    192.168.100.2/2049    100003   0:30:00
2  209.165.200.5/0    192.168.100.2/2049    100003   0:30:00
3  209.165.200.5/0    192.168.100.2/647     100005   0:30:00
4  209.165.200.5/0    192.168.100.2/650     100005   0:30:00

The entry in the LOCAL column shows the IP address of the client or server on the inside interface, while
the value in the FOREIGN column shows the IP address of the client or server on the outside interface.

To view information about the Sun RPC services running on a Sun RPC server, enter the rpcinfo -p
command from the Linux or UNIX server command line. The following is sample output from the
rpcinfo -p command:

sunrpcserver:~ # rpcinfo -p
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp    632  status
    100024    1   tcp    635  status
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100021    1   udp  32771  nlockmgr
    100021    3   udp  32771  nlockmgr
    100021    4   udp  32771  nlockmgr
    100021    1   tcp  32852  nlockmgr
    100021    3   tcp  32852  nlockmgr
    100021    4   tcp  32852  nlockmgr
    100005    1   udp    647  mountd
    100005    1   tcp    650  mountd
    100005    2   udp    647  mountd
    100005    2   tcp    650  mountd
    100005    3   udp    647  mountd
    100005    3   tcp    650  mountd

In this output, port 647 corresponds to the mountd daemon running over UDP. The mountd process
would more commonly be using port 32780. The mountd process running over TCP uses port 650 in this
example.
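
Added example (not from the Cisco guide): a Python cross-check of the two outputs above that flags any pinhole whose service number and port are not registered in the server's rpcinfo -p listing. The function names are hypothetical, and the second address column is taken as the RPC server endpoint, as in the sample output.

```python
import re

# Sample outputs copied from the page (rpcinfo list shortened to the relevant rows).
RPCINFO = """\
program vers proto port
100000 2 udp 111 portmapper
100003 3 udp 2049 nfs
100003 3 tcp 2049 nfs
100005 3 udp 647 mountd
100005 3 tcp 650 mountd
"""

PINHOLES = """\
LOCAL FOREIGN SERVICE TIMEOUT
-----------------------------------------------
1 209.165.200.5/0 192.168.100.2/2049 100003 0:30:00
2 209.165.200.5/0 192.168.100.2/2049 100003 0:30:00
3 209.165.200.5/0 192.168.100.2/647 100005 0:30:00
4 209.165.200.5/0 192.168.100.2/650 100005 0:30:00
"""

def parse_rpcinfo(text):
    """Return {(program, port): name} from `rpcinfo -p` output."""
    registered = {}
    for line in text.splitlines():
        f = line.split()
        # Data rows are: program vers proto port [name]; the header row is skipped.
        if len(f) >= 4 and f[0].isdigit() and f[3].isdigit():
            registered[(int(f[0]), int(f[3]))] = f[4] if len(f) > 4 else "?"
    return registered

# index, addr/port, addr/port (assumed server side), service number, timeout
ROW = re.compile(r"^\s*(\d+)\s+(\S+)/(\d+)\s+(\S+)/(\d+)\s+(\d+)\s+(\S+)\s*$")

def parse_pinholes(text):
    """Return [(index, server_ip, server_port, service)] from `show sunrpc-server active`."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append((int(m.group(1)), m.group(4), int(m.group(5)), int(m.group(6))))
    return rows

def unexpected_pinholes(pinhole_text, rpcinfo_text, server_ip):
    """Pinholes to server_ip whose (service, port) the server does not register."""
    registered = parse_rpcinfo(rpcinfo_text)
    return [r for r in parse_pinholes(pinhole_text)
            if r[1] == server_ip and (r[3], r[2]) not in registered]
```

With the page's sample data every pinhole maps to a registered nfs or mountd port, so the result is an empty list; a non-empty result points at a pinhole that outlived a service restart or a port the server never advertised.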