B-14
Cisco ASA 5500 Series Configuration Guide using the CLI
AppendixB Addresses, Protocols, and Ports
Local Ports and Protocols
Local Ports and Protocols
Table B -8 lists the protocols, TCP ports, and UDP ports that the ASA may open to process traffic
destined to the ASA. Unless you enable the features and services listed in Tabl e B-8, the ASA does not
open any local protocols or any TCP or UDP ports. You must configure a feature or service for the ASA
to open the default listening protocol or port. In many cases you can configure ports other than the
default port when you enable a feature or service.
tftp UDP 69 Trivial File Transfer Protocol
time UDP 37 Time
uucp TCP 540 UNIX-to-UNIX Copy Program
who UDP 513 Who
whois TCP 43 Who Is
www TCP 80 World Wide Web
xdmcp UDP 177 X Display Manager Control Protocol
TableB-7 Port Literal Values (conti nued)
Literal TCP or UDP? Value Description
TableB-8 Protocols and Ports Opened by Features and Services
Feature or Service Protocol Port Number Comments
DHCP UDP 67,68 —
Failover Control 105 N/A
HTTP TCP 80
HTTPS TCP 443
ICMP 1 N/A —
IGMP 2 N/A Protocol only open on destination IP
address 224.0.0.1
ISAKMP/IKE UDP 500 Configurable.
IPsec (ESP) 50 N/A
IPsec over UDP
(NAT-T)
UDP 4500 —
IPsec over UDP
(Cisco VPN 3000
Series compatible)
UDP 10000 Configurable.
IPsec over TCP
(CTCP)
TCP No default port is used. You must specify
the port number when configuring IPsec
over TCP.
NTP UDP 123
OSPF 89 N/A Protocol only open on destination IP
address 224.0.0.5 and 224.0.0.6