Advertisement
Pre-deployment Checklist and Tasks
Contents
Firewall port requirements
Table 9. Firewall ports to be opened outbound from Inside to DMZ
Purpose
XMPP (IM and Presence)
SSH (HTTP/S tunnels)
Traversal zone SIP signaling
Traversal zone SIP media
SIP TCP/TLS
H323 RAS Assent
Q.931/H.225 & H.245
Table 10. Firewall ports to be opened outbound from DMZ to public internet
Purpose
SIP media
SIP signaling
Table 11. Firewall ports to be opened inbound Internet to DMZ
Purpose
XMPP (IM and Presence)
UDS (provisioning/phonebook)
Media
SIP signaling
Table 12. Expressway-E management ports to be opened
Purpose
Management
SNMP Monitoring
Purpose
NTP
Syslog
DNS
Protocol
Expressway-C (source)
TCP
Ephemeral port
TCP
Ephemeral port
TLS
25000 to 29999
UDP
36012 to 59999
TCP/TLS
25000 to 2999
UDP
1719
TCP
15000 to 19999
Protocol
Expressway-E (source)
UDP
36012 to 59999
TLS
25000 to 29999
Protocol
Internet endpoint (source)
TCP
>=1024
TCP
>=1024
UDP
>=1024
TLS
>=1024
Transport Protocol
TCP
UDP
Transport Protocol
UDP
UDP
UDP
Deploy MRA and B2B Collaboration
Management device
source port (inside)
>=1024
>=1024
Expressway-E source
port
123
30000 to 35999
>=1024
Deployment Details
Deploy CUBE
Expressway-E (listening)
7400
2222
7001
36000 to 36001
7011
6011
2776
Internet endpoint
(listening)
>=1024
>=1024
Expressway-E (listening)
5222
8443
36012 to 59999
5061
Expressway Destination
port
80 / 443 / 22 / 23
161
PC listening port (inside)
123
514
53
PAGE 16
Advertisement
