Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
244
Views
0
Helpful
1
Replies

Cisco Jabber Traffic

fgramos01
Level 1
Level 1

‎05-02-2016 11:25 PM - edited ‎03-17-2019 06:04 PM

We discovered potential IRC connections in Cisco Jabber Expressway Edge. May we know if this is a required/legitimate traffic/service? Is this an expected traffic for a jabber setup? Kindly see below traffic.

Payload:
<13>Apr 06 18:23:23 10.152.8.42 06Apr2016 18:23:23 accept 10.152.8.11 product: VPN-1 & FireWall-1; src: 10.152.192.140; s_port: 8443; dst: 121.54.32.172; service: 6667; proto: tcp; rule: 64;__policy_id_tag: product=VPN-1 & FireWall-1[db_tag={1684C059-4D7B-4F41-9AC6-16D80E6AE427};mgmt=NT-PHO-P01;date=1459865604;policy_name=UNPHOP03-CL-20160405];has_accounting: 0;i/f_dir: inbound;i/f_name: eth2c0;origin_sic_name: CN=fwnokia2,O=NT-PHO-P01.ph.rnd.cvho96;rule_name: Cisco Jabber Expressway-Edge;rule_uid: {CBEF275A-93CD-4A18-84C9-2E0BF99210DB};service_id: irc1;

<13>Apr 14 05:41:33 10.152.8.42 14Apr2016 05:41:33 accept 10.152.8.11 product: VPN-1 & FireWall-1; src: 10.152.192.140; s_port: 8443; dst: 203.87.156.171; service: 6665; proto: tcp; rule: 64;__policy_id_tag: product=VPN-1 & FireWall-1[db_tag={EEF54EFC-AC4D-8140-88D2-469350F18104};mgmt=NT-PHO-P01;date=1460463404;policy_name=UNPHOP03-CL-20160412];has_accounting: 0;i/f_dir: inbound;i/f_name: eth2c0;origin_sic_name: CN=fwnokia2,O=NT-PHO-P01.ph.rnd.cvho96;rule_name: Cisco Jabber Expressway-Edge;rule_uid: {36E5AD74-D4D2-4BCF-B5BF-4A2014D04207};service_id: irc1;

DST IPs:
121.54.32.172
121.54.54.183
203.87.156.153
203.87.156.171
=> Port: 6665 (IRC)

Thank you 

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents