<div dir="ltr">Those don't really need to be open.  CUCM negotiates those in SIP when it doesn't want the client to send anything back like Music on Hold.</div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Mar 3, 2017 at 2:10 PM, Lelio Fulgenzi <span dir="ltr"><<a href="mailto:lelio@uoguelph.ca" target="_blank">lelio@uoguelph.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
I'm setting up firewall rules based on the Jabber deployment document, with some attention paid to the other documents indicated.<br>
<br>
I've found that when I attempt a transfer (need to do some more tests) I get a denied packet being sent to port 4001/UDP to my tftp server cluster member.<br>
<br>
The only thing I've found is this:<br>
<br>
<a href="http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/port/9_1_1/CUCM_BK_T2CA6EDE_00_tcp-port-usage-guide-91/CUCM_BK_T2CA6EDE_00_tcp-port-usage-guide-91_chapter_01.html" rel="noreferrer" target="_blank">http://www.cisco.com/c/en/us/<wbr>td/docs/voice_ip_comm/cucm/<wbr>port/9_1_1/CUCM_BK_T2CA6EDE_<wbr>00_tcp-port-usage-guide-91/<wbr>CUCM_BK_T2CA6EDE_00_tcp-port-<wbr>usage-guide-91_chapter_01.html</a><br>
<br>
sender/listener columns are dashed out, and the protocol is wrong.<br>
<br>
--<br>
<br>
--<br>
<br>
4000 - 4005 / TCP<br>
<br>
These ports are used as phantom Real-Time Transport Protocol (RTP) and Real-Time Transport Control Protocol (RTCP) ports for audio, video and data channel when Cisco Unified Communications Manager does not have ports for these media.<br>
<br>
<br>
Incorrect documentation? V11.5 still states TCP for this. But I always thought RTP was UDP.<br>
<br>
<a href="http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/11_5_1/sysConfig/CUCM_BK_SE5DAF88_00_cucm-system-configuration-guide-1151/CUCM_BK_SE5DAF88_00_cucm-system-configuration-guide-1151_chapter_01010100.pdf" rel="noreferrer" target="_blank">http://www.cisco.com/c/en/us/<wbr>td/docs/voice_ip_comm/cucm/<wbr>admin/11_5_1/sysConfig/CUCM_<wbr>BK_SE5DAF88_00_cucm-system-<wbr>configuration-guide-1151/CUCM_<wbr>BK_SE5DAF88_00_cucm-system-<wbr>configuration-guide-1151_<wbr>chapter_01010100.pdf</a><br>
<br>
Anyone got any ideas? Why wouldn't Jabber documentation say to include this?<br>
<br>______________________________<wbr>_________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" rel="noreferrer" target="_blank">https://puck.nether.net/<wbr>mailman/listinfo/cisco-voip</a><br>
<br></blockquote></div><br></div>