
Port 1720 open on F5 public virtual server

Hi guys, my virtual server is public to the Internet via F5 with just ports http/80 and https/443 open, but when I try to telnet to port 1720 on the public IP of the virtual server, it connects [telnet IP 1720]. It's working, although I did not open port 1720 at all. Please explain why I can connect to port 1720. Thank you very much.

Comments on this Question
Comment made 2 months ago by Tikka Nagi

What are the results of?

nmap -O

and if you capture the Nmap scan in a tcpdump do you see the packets making it to bigip?

tcpdump -i 0.0:nnn -w /var/tmp/port1720.pcap host and host

Comment made 2 months ago by Martijn 198

Hi,

Is there a Check Point firewall between the internet and the F5, and is port 1720 (H323) used in the rule base as a custom service?

I have seen this kind of behavior with one of our customers. A telnet on port 1720 is accepted by the Check Point because Check Point wants to inspect the H323 traffic, even if it is a custom service on the same port number.

If there is a NAT rule, it seems like the F5 is accepting the connection, but in fact it is the Check Point.

Hope this helps.

Martijn.

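The two comments above combine into one check: capture on the BIG-IP while an outside host connects, then see whether the handshake the client completed ever involved the BIG-IP. The following is an added example, not part of the original thread and not F5 or Check Point code. It assumes the capture has been rendered as text with `tcpdump -nn -r`, that `vip` is the virtual server address as seen on the BIG-IP, and that all addresses and sample lines are constructed placeholders.

```python
import re

# One IPv4 TCP line of `tcpdump -nn` text output, e.g.
# "10:00:01.1 IP 198.51.100.7.51000 > 203.0.113.10.443: Flags [S], seq 1, ..."
LINE = re.compile(
    r"IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

def handshakes_seen(capture_text, vip):
    """Per port: did a SYN reach the VIP, and did the VIP send a SYN-ACK?"""
    seen = {}
    for line in capture_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # non-TCP or unparsable line
        if m["dst"] == vip and m["flags"] == "S":
            seen.setdefault(int(m["dport"]), set()).add("syn")
        elif m["src"] == vip and m["flags"] == "S.":
            seen.setdefault(int(m["sport"]), set()).add("synack")
    return seen

def classify(client_connected_ports, capture_text, vip):
    """Label each port the outside client connected to by who completed the handshake."""
    seen = handshakes_seen(capture_text, vip)
    verdicts = {}
    for port in client_connected_ports:
        events = seen.get(port, set())
        if "synack" in events:
            verdicts[port] = "bigip"             # the BIG-IP itself accepted
        elif "syn" in events:
            verdicts[port] = "upstream-proxied"  # SYN arrived, BIG-IP never accepted
        else:
            verdicts[port] = "upstream"          # SYN never reached the BIG-IP
    return verdicts

# Constructed sample: BIG-IP-side capture taken while an outside host
# connected to 443 and 1720 on the (placeholder) virtual server address.
SAMPLE = """\
10:00:01.000100 IP 198.51.100.7.51000 > 203.0.113.10.443: Flags [S], seq 100, win 64240, length 0
10:00:01.000200 IP 203.0.113.10.443 > 198.51.100.7.51000: Flags [S.], seq 900, ack 101, win 4380, length 0
10:00:01.000900 IP 198.51.100.7.51000 > 203.0.113.10.443: Flags [.], ack 1, win 64240, length 0
"""

if __name__ == "__main__":
    for port, who in classify([443, 1720], SAMPLE, "203.0.113.10").items():
        print(port, who)
```

A verdict of `upstream` or `upstream-proxied` for a port the client connected to means a device in front of the BIG-IP completed the TCP handshake, which is the situation Martijn describes.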

Answers to this Question

USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

Which TMOS version do you have? Could you post your Virtual Servers configuration?

Just for curiosity I did the test in different versions of TMOS without this abnormal behavior in BIG-IP.

This is the behavior in my lab:

telnet f5labs.test.lab 1720

Connecting To f5labs.test.lab...Could not open connection to the host, on port 1720: Connect failed

nmap -sT -p 1720 f5labs.test.lab

Starting Nmap ... Nmap scan report for f5labs.test.lab ... Host is up.

PORT     STATE    SERVICE
1720/tcp filtered h323q931

Comments on this Answer
Comment made 2 months ago by themyth 4

My device is a 5250S, version 11.6. As I scan all public IPs, I see that I can telnet to port 1720 on the public IP address.

Check Point has the same problem: https://forums.checkpoint.com/forums/thread.jspa?messageID=42136 Any ideas, please?
