[cisco-voip] interesting firewall deny - port 4001 to my tftp server

Lelio Fulgenzi lelio at uoguelph.ca
Fri Mar 3 14:10:11 EST 2017


I'm setting up firewall rules based on the Jabber deployment document, with some attention paid to the other documents indicated.

I've found that when I attempt a transfer (need to do some more tests) I get a denied packet being sent to port 4001/UDP to my tftp server cluster member.

The only thing I've found is this:

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/port/9_1_1/CUCM_BK_T2CA6EDE_00_tcp-port-usage-guide-91/CUCM_BK_T2CA6EDE_00_tcp-port-usage-guide-91_chapter_01.html

sender/listener columns are dashed out, and the protocol is wrong.

--

--

4000 - 4005 / TCP

These ports are used as phantom Real-Time Transport Protocol (RTP) and Real-Time Transport Control Protocol (RTCP) ports for audio, video and data channel when Cisco Unified Communications Manager does not have ports for these media.


Incorrect documentation? V11.5 still states TCP for this. But I always thought RTP was UDP.

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/11_5_1/sysConfig/CUCM_BK_SE5DAF88_00_cucm-system-configuration-guide-1151/CUCM_BK_SE5DAF88_00_cucm-system-configuration-guide-1151_chapter_01010100.pdf

Anyone got any ideas? Why wouldn't Jabber documentation say to include this?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 14296 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20170303/f6aeb04a/attachment.bin>


More information about the cisco-voip mailing list