[cisco-voip] mgcp tcp/udp port question

Wes Sisk wsisk at cisco.com
Thu Sep 25 12:32:45 EDT 2008 

We've seen similar with Netscreen devices.  In my case it was performing 
stateful blocking - i.e. only blocking the MGCP DLCX messages.  Firewall 
troubleshooting should be taught as a 4000 level course from application 
perspective.

/Wes

On 9/24/2008 4:23 PM, Tim Smith wrote:
> Also check what sort of firewall you are passing through.
> Had a problem with Checkpoint recently. It tried to do it's deep 
> inspection on MGCP, allowed the TCP 2428, but the UDP was dropped.
> To make it more interesting it was dropped silently and didnt appear 
> in any CP logs :)
>
> If it is CP let me know.. I have the solution id's with the versions 
> affected and fixes.
>
> Cheers,
>
> Tim.
>
>
> On Wed, Sep 24, 2008 at 9:33 PM, Wes Sisk <wsisk at cisco.com 
> <mailto:wsisk at cisco.com>> wrote:
>
>     ccm-manager depends on TFTP.
>     you will use RTP.
>
>     unless using security features you will not be using esp/ike/sRTP
>
>     /wes
>
>     On 9/24/2008 3:19 PM, Joe Cisco wrote:
>
>         ccm-manager config yes.
>
>         -Joe C.
>
>         On Wed, Sep 24, 2008 at 1:52 PM, Wes Sisk <wsisk at cisco.com
>         <mailto:wsisk at cisco.com>> wrote:
>          
>
>             are you using 'ccm-manager config'?
>             are you using encrypted signaling or sRTP?
>             are you using RTP?
>
>
>             On 9/24/2008 12:15 PM, Joe Cisco wrote:
>                
>
>                 This is for a CM 4.2 site, and per here:
>
>                 http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/port/4_2/42plrev2.pdf
>
>                 I see ports 2427 UDP and 2428 TCP listed for an MGCP
>                 gateway. Do I
>                 also need to QoS the ESP, IKE, TFTP, RTP, and SRTP
>                 ports as well when
>                 utilizing MGCP? Am i missing anything else?
>
>                 Thanks,
>
>                 Joe C.
>                 _______________________________________________
>                 cisco-voip mailing list
>                 cisco-voip at puck.nether.net
>                 <mailto:cisco-voip at puck.nether.net>
>                 https://puck.nether.net/mailman/listinfo/cisco-voip
>
>                      
>
>     _______________________________________________
>     cisco-voip mailing list
>     cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>
>     https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20080925/691a4865/attachment.html>

More information about the cisco-voip mailing list