<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.3132" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Wierd, I don't think we see any denies on the ACLs
though......</FONT></DIV>
<DIV>--------------------------------------------------------------------------------<BR>Lelio
Fulgenzi, B.A.<BR>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario
N1G 2W1<BR>(519) 824-4120 x56354 (519) 767-1060 FAX
(JNHN)<BR>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
<BR>"Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo
buffalo." WJR<BR></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=Matt.Slaga@us.didata.com href="mailto:Matt.Slaga@us.didata.com">Matt
Slaga (US)</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=lelio@uoguelph.ca
href="mailto:lelio@uoguelph.ca">Lelio Fulgenzi</A> ; <A
title=asobihoudai@yahoo.com href="mailto:asobihoudai@yahoo.com">Paul Choi</A>
; <A title=cisco-voip@puck.nether.net
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, July 06, 2007 9:28 AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> RE: [cisco-voip] UDP 2000 from
SRST router to IP phone?</DIV>
<DIV><BR></DIV>If you only open 2000, then your secondary and tertiary
callmanager<BR>servers will not have heartbeat to the phones. In some
cases, you may<BR>end up with lots of transient connection errors in your
event log.<BR><BR><BR><BR>-----Original Message-----<BR>From: Lelio Fulgenzi
[mailto:lelio@uoguelph.ca] <BR>Sent: Thursday, July 05, 2007 10:52 PM<BR>To:
Matt Slaga (US); Paul Choi; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>Subject:
Re: [cisco-voip] UDP 2000 from SRST router to IP phone?<BR><BR>That's was our
understanding, TCP 2000.<BR><BR>I don't think we've ever heard about the
sequential ports though. We've<BR>only <BR>opened up TCP 2000.<BR><BR>-----
Original Message ----- <BR>From: "Matt Slaga (US)" <<A
href="mailto:Matt.Slaga@us.didata.com">Matt.Slaga@us.didata.com</A>><BR>To:
"Paul Choi" <<A
href="mailto:asobihoudai@yahoo.com">asobihoudai@yahoo.com</A>>; "Lelio
Fulgenzi" <BR><<A
href="mailto:lelio@uoguelph.ca">lelio@uoguelph.ca</A>>; <<A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A>><BR>Sent:
Thursday, July 05, 2007 9:09 PM<BR>Subject: RE: [cisco-voip] UDP 2000 from
SRST router to IP phone?<BR><BR><BR>> Cisco contends that SCCP uses TCP
2000 - 2002 (one port for each<BR>> CallManager in it's failover
list). Not sure about UDP 2000.<BR>><BR>> -----Original
Message-----<BR>> From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>>
[mailto:cisco-voip-bounces@puck.nether.net] On Behalf Of Paul Choi<BR>>
Sent: Thursday, July 05, 2007 9:01 PM<BR>> To: Lelio Fulgenzi; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
Subject: Re: [cisco-voip] UDP 2000 from SRST router to IP
phone?<BR>><BR>> I could be full of shit but I'm pretty sure that
SCCP<BR>> uses UDP 2000 to communicate with CCM.<BR>><BR>><BR>>
--- Lelio Fulgenzi <<A
href="mailto:lelio@uoguelph.ca">lelio@uoguelph.ca</A>>
wrote:<BR>><BR>>> We're just setting up some ACLs and found that
while<BR>>> in SRST mode, the SRST router (or at least the<BR>>>
loopback address that we bind MGCP to) tried to<BR>>> communicate to the
IP phone that was registered. We<BR>>> had not allowed for this and as a
result, the call<BR>>> out the gateway was one way audio. But we didn't
see<BR>>> any other denies come out of the logs.<BR>>><BR>>>
I see that in the SRST config, it asks for a port,<BR>>> and it is 2000.
But it's still wierd to see UDP 2000<BR>>> being
used.<BR>>><BR>>> Can anyone comment?<BR>>><BR>>>
2d08h: %SEC-6-IPACCESSLOGP: list voice_in_kc denied<BR>>> udp
10.104.122.141(17624) -> 10.104.34.48(2000), 1<BR>>>
packet<BR>>><BR>>> ^- IP
phone
^- SRST
router<BR>>><BR>>><BR>>><BR>><BR>------------------------------------------------------------------------<BR>>
--------<BR>>> Lelio Fulgenzi, B.A.<BR>>> Senior Analyst (CCS) *
University of Guelph *<BR>>> Guelph, Ontario N1G 2W1<BR>>> (519)
824-4120 x56354 (519) 767-1060 FAX (JNHN)<BR>>><BR>>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<BR>>><BR>>>
"Buffalo buffalo Buffalo buffalo buffalo buffalo<BR>>> Buffalo
buffalo." WJR<BR>>> >
_______________________________________________<BR>>> cisco-voip mailing
list<BR>>> <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>>
<A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>><BR>><BR>><BR>><BR>><BR>><BR>________________________________________________________________________<BR>>
____________<BR>> Yahoo! oneSearch: Finally, mobile search<BR>> that
gives answers, not web links.<BR>> <A
href="http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC">http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC</A><BR>>
_______________________________________________<BR>> cisco-voip mailing
list<BR>> <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
<A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>><BR>>
-----------------------------------------<BR>> Disclaimer:<BR>><BR>>
This e-mail communication and any attachments may contain<BR>> confidential
and privileged information and is for use by the<BR>> designated
addressee(s) named above only. If you are not the<BR>> intended
addressee, you are hereby notified that you have received<BR>> this
communication in error and that any use or reproduction of<BR>> this email
or its contents is strictly prohibited and may be<BR>> unlawful. If
you have received this communication in error, please<BR>> notify us
immediately by replying to this message and deleting it<BR>> from your
computer. Thank you.<BR>><BR>>
<BR><BR><BR>-----------------------------------------<BR>Disclaimer:<BR><BR>This
e-mail communication and any attachments may contain<BR>confidential and
privileged information and is for use by the<BR>designated addressee(s) named
above only. If you are not the<BR>intended addressee, you are hereby
notified that you have received<BR>this communication in error and that any
use or reproduction of<BR>this email or its contents is strictly prohibited
and may be<BR>unlawful. If you have received this communication in
error, please<BR>notify us immediately by replying to this message and
deleting it<BR>from your computer. Thank you.<BR><BR></BLOCKQUOTE></BODY></HTML>