[cisco-voip] interesting firewall deny - port 4001 to my tftp server
Brian Meade
bmeade90 at vt.edu
Fri Mar 3 14:42:27 EST 2017
Those don't really need to be open. CUCM negotiates those in SIP when it
doesn't want the client to send anything back like Music on Hold.
On Fri, Mar 3, 2017 at 2:10 PM, Lelio Fulgenzi <lelio at uoguelph.ca> wrote:
>
> I'm setting up firewall rules based on the Jabber deployment document,
> with some attention paid to the other documents indicated.
>
> I've found that when I attempt a transfer (need to do some more tests) I
> get a denied packet being sent to port 4001/UDP to my tftp server cluster
> member.
>
> The only thing I've found is this:
>
> http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/
> port/9_1_1/CUCM_BK_T2CA6EDE_00_tcp-port-usage-guide-91/
> CUCM_BK_T2CA6EDE_00_tcp-port-usage-guide-91_chapter_01.html
>
> sender/listener columns are dashed out, and the protocol is wrong.
>
> --
>
> --
>
> 4000 - 4005 / TCP
>
> These ports are used as phantom Real-Time Transport Protocol (RTP) and
> Real-Time Transport Control Protocol (RTCP) ports for audio, video and data
> channel when Cisco Unified Communications Manager does not have ports for
> these media.
>
>
> Incorrect documentation? V11.5 still states TCP for this. But I always
> thought RTP was UDP.
>
> http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/
> admin/11_5_1/sysConfig/CUCM_BK_SE5DAF88_00_cucm-system-
> configuration-guide-1151/CUCM_BK_SE5DAF88_00_cucm-system-
> configuration-guide-1151_chapter_01010100.pdf
>
> Anyone got any ideas? Why wouldn't Jabber documentation say to include
> this?
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20170303/4aef8c43/attachment.html>
More information about the cisco-voip
mailing list