| Port Number | Protocol | Where Used | Description |
|---|---|---|---|
| 17 | TCP | switch | This is used for certain types of VPN clients that accept a banner (QOTD). During normal operation, this port will only accept a connection and immediately close it. |
| 21 | TCP | switch | |
| 22 | TCP | switch | SSH |
| 23 | TCP | AP and switch | Telnet is disabled by default but the port is still open. |
| 53 | UDP | switch | Internal domain. |
| 67 | UDP | AP (and switch if DHCP server is configured) | DHCP server. |
| 68 | UDP | AP (and switch if DHCP server is configured) | DHCP client. |
| 69 | UDP | switch | TFTP |
| 80 | TCP | AP and switch | Used for remote packet capture where the capture is saved on the access point. Provides access to the WebUI on the switch. |
| 123 | UDP | switch | NTP |
| 161 | UDP | AP and switch | SNMP. Disabled by default. |
| 443 | TCP | switch | Used internally for captive portal authentication (HTTPS) and is exposed to wireless users. A default self-signed certificate is installed in the switch. Users in a production environment are urged to install a certificate from a well known CA such as Verisign. Self-signed certs are open to man-in-the-middle attacks and should only be used for testing. Required for VIA: During the initializing phase, VIA uses HTTPS connections to perform trusted network and captive portal checks against the switch. It is mandatory that you enable port 443 on your network to allow VIA to perform these checks. |
| 500 | UDP | switch | ISAKMP |
| 514 | UDP | switch | Syslog |
| 1144 | RTLS | Access points | Open only when the RTLS feature is enabled |
| 1701 | UDP | switch | L2TP |
| 1723 | TCP | switch | PPTP |

Table 272: Default (Trusted) Open Ports
AOS-W 6.5.3.x | User Guide Behavior and Defaults | 1100