Question about routers and ports

dissolveddissolved Posts: 228Inactive Imported Users
Here at work, we have a huge windows 2000 network (spread throughout the state). We have a lot of sites. We have a domain controller at every site as well (we run Active directory). Each site is running T1s to our frame relay network.

Now here's my question

Are all cisco router's ports closed by default, or open by default? ? The reason I ask, is because I can access servers anywhere in the state. Even ones at different sites. This means, that the netbios ports etc must be open on all of our routers?

Does anyone follow that confusing mess I just wrote?

Comments

  • skratzerskratzer Posts: 2Member ■□□□□□□□□□
    Do you mean TCP and UDP ports on the actual router itself or do you mean will it or will it not forward packets destined for certain ports on particular hosts?

    By default, there are no filtering rules (ACLs) defined on Cisco devices, so pretty much all traffic types that fit within the active protocol suites will be forwarded. I guess I might mention that NetBIOS is a broadcast based non-routable protocol though and will not be passed through your router.
  • dissolveddissolved Posts: 228Inactive Imported Users
    skratzer wrote:
    Do you mean TCP and UDP ports on the actual router itself or do you mean will it or will it not forward packets destined for certain ports on particular hosts?

    By default, there are no filtering rules (ACLs) defined on Cisco devices, so pretty much all traffic types that fit within the active protocol suites will be forwarded. I guess I might mention that NetBIOS is a broadcast based non-routable protocol though and will not be passed through your router.

    I mean TCP/UDP ports. Not referring to pre-mask routing.

    I think I remember reading about netbios not being routable. But now I'm confused. If netbios is not routable, how am I able to access shares and stuff at other sites? Each site has a Cisco 4000 series router as the gateway as well.
    Thanks for the help man
    -dissolved
  • garv221garv221 Posts: 1,914Member
    You can access shares becasue of 2000 enviroment implements DNS...The routers keep your networks local via VPN and trunking VLANS, depending the size of each offsite LAN...
  • skratzerskratzer Posts: 2Member ■□□□□□□□□□
    Yes, like garv said, you can probably access the shares because of DNS name resolution rather than NetBIOS broadcasts. Also, the routers don't pass broadcast traffic by default, but can be configured to (ip helper-address).
  • kicker22kicker22 Posts: 80Member ■■□□□□□□□□
    yeah I agree with garv and skratzer..
    even if you werent using Active Directory... the other simple explanation is, that maybe ACL is configured to let you in because of your network ip address is on the permit list :)
  • forbeslforbesl Posts: 454Member
    skratzer wrote:
    I guess I might mention that NetBIOS is a broadcast based non-routable protocol though and will not be passed through your router.

    NetBIOS is routable over TCP/IP and can be passed through network devices.
    See RFC 1001: http://www.faqs.org/rfcs/rfc1001.html

    NetBIOS ports:
    UDP 137 - 138
    TCP 139
  • westincarwestincar Posts: 1Member ■□□□□□□□□□
    Netbeui isn't routable but NetBIOS is. Netbeui can only be bridged.

    --Westincar
  • rossonieri#1rossonieri#1 Posts: 800Member
    well, if you buy a new router then its ports are closed by default. the reason you can connect to any site probably your network have been setup to do so.
    the More I know, that is more and More I dont know.
Sign In or Register to comment.