[cisco-voip] RTP ports used by phones
Anthony Holloway
avholloway+cisco-voip at gmail.com
Tue Jan 19 16:08:41 EST 2016
Is this a SCCP or SIP phone? I wouldn't worry too much about where you saw
"IPVMS", it's likely specific to the context of the chapter/section. I.g.,
Table 6 in Port Usage Guide is only for Phone to CUCM communication
*For SCCP Phones, From the SRND*
*SCCP endpoints use a non-configurable hard-coded range of 16384 to 32767
for voice-only calls*
*For SIP Phones, From the CUCM Administration Guide*
*SIP Profile*
*Start Media Port = This field designates the start real-time protocol
(RTP) port for media. Media port ranges from 2048 to 65535. Default
specifies 16384.*
*Stop Media Port = This field designates the stop real-time protocol (RTP)
port for media. Media port ranges from 2048 to 65535. Default specifies
32766. *
*For Gateways, From Port Usage Guide*
*Gateway to Unified Communications Manager 16384 - 32767 / UDP*
First recommendation, is to use deep packet inspection and let the UDP
ports be opened by the firewall dynamically. This works with MGCP, H323,
SIP and SCCP.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/inspect_voicevideo.html
Second recommendation, is to use SIP signaling so you can control the RTP
port range so that it always matches your configured ACLs exactly.
And in closing, I think there is probably some confusion around what the
exact upper bound is: 32766 or 32768, and you probably found a phone model
firmware that thought 32768 was the upper bound. I personally, have always
gone with 32766 as being the upper bound, but then again, I've never
created an ACL for this range either, so it hasn't presented itself as a
problem thus far.
On Tue, Jan 19, 2016 at 10:46 AM, Ed Leatherman <ealeatherman at gmail.com>
wrote:
> I've notice this a few times bouncing on ACL, thought it was worth asking
> about.
>
> I see in numerous documentation that CUCM uses 16384 - 32767 for RTP - the
> documents specifically say IP Phone to IPVMS.
>
> I observed an 8945 Cisco phone listening on 32768 and 32769 (assuming RTP
> and associated RTCP) due to access list not permitting it. Is there a doc
> somewhere that shows different/expanded range of ports that Cisco phones
> will use?
>
>
>
> --
> Ed Leatherman
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20160119/69baef3b/attachment.html>
More information about the cisco-voip
mailing list