From: Erick B. (erickbe@xxxxxxxxx)
Date: Tue Feb 19 2002 - 04:40:53 GMT-3
Hi,
Port-map adds additional port #s to the IOS defaults
for telnet, ftp, etc. It doesn't remap traffic to
other ports.
For example, the 'telnet' keyword by default will only
look at traffic on port 23. If you add a port-map for
telnet on port 8000, now when you use the keyword
'telnet' it will look at port 23 and 8000.
This is useful for sites with multiple ACLs. For
example, they want 'http' to cover ports 80, 8080,
8000, etc they could set up a port-maps for http and
have 1 line in a access-list instead of 4.
I hope this helps. I've played with it in the past and
this is the way it works. Also, it is only in IPSec
feature sets but that might have changed.
Erick
--- hSzeto Jeff <jytszeto@hotmail.com> wrote:
> Hi Group,
>
> I have problems in setting up PAM. Please give me
> some advice.
>
> r1----------r2-----PC
>
> The pc will accept telnet on port 8000.
> I configure : ip port-map telnet 8000 on r2, hoping
> that I can telnet the
> pc from r1.
> The result is when I can telnet to pc with or
> without the port-map command
> when specify the port 8000, but cannot telnet when
> not specify the port,
> even with the port-map command.
> Someone please help me to understand PAM.
>
> Thank you.
>
> Jeff
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:27 GMT-3