cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
292
Views
5
Helpful
3
Replies
Pragash22
Beginner

Cisco SSM and CUCM/ CUC

Hi All

 

It was mentioned in the documentation that, need to allow below rules between SSM and CUCM nodes

Prerequisites

These ports must be enabled for communication with CSSM:

  • User Interface: HTTPS (port 8443)
  • Product Registration: HTTPS (port 443), HTTP (port 80)
  • Communication to CSSM: HTTPS (tools.cisco.com, api.cisco.com, cloudsso.cisco.com), port 443

Ref link - https://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/212883-cucm-smart-licensing-mediated-model.html

 

  We have the SSM on Prem and I would like to know when enabling firewall rule between SSM and CUCM/CUC
1. Does that need to be Bi-Directional rule? If No, Just want to know who initiate the session, Is it always Call manager?
2. Lets say If I have multiple nodes (1 Pub and 4 Sub - all subs are located at separate locations with different subnets) - Does all these Subs need to have the same rules enabled?

Kind regards

Pragash

1 ACCEPTED SOLUTION

Accepted Solutions

Hi Nithin
Thank you for your reply.


I generated this on Lab and checked the packet flow to see how it works.

Always the Publisher initiate the request though if you sync on-Prem Satallite with Cisco cloud.

Once you have synced with the On-Prem to Cisco cloud, on-prem SSM will not initiate a request to CCM and on-Prem SSM wait for the CCM to initiate the request.

 

Kind regards

Pragash

View solution in original post

3 REPLIES 3
Nithin Eluvathingal
VIP Advocate

1. Does that need to be Bi-Directional rule? If No, Just want to know who initiate the session, Is it always Call manager?

Since no direction mentioned in the guide, better to keep Bidirectional.
2. Lets say If I have multiple nodes (1 Pub and 4 Sub - all subs are located at separate locations with different subnets) - Does all these Subs need to have the same rules enabled?

 only publisher need to be considered. Publisher the licensing  Node. 

=>>>If this answered your question, please click "ACCEPT AS SOLUTION"<<<=
=>>>If you find this response useful, please mark it as "HELPFUL"<<<=

Hi Nithin
Thank you for your reply.


I generated this on Lab and checked the packet flow to see how it works.

Always the Publisher initiate the request though if you sync on-Prem Satallite with Cisco cloud.

Once you have synced with the On-Prem to Cisco cloud, on-prem SSM will not initiate a request to CCM and on-Prem SSM wait for the CCM to initiate the request.

 

Kind regards

Pragash

View solution in original post

Vinod1
Beginner

Hello Pragash,

 

What you want to achieve?

 

You want to enable firewall port in between cucm and on prem ssm or in between On prem SSM and cloud SSM or in between cucm and cloud SSM ...

 

 

As per Document which you shared it will enable rule in between on prem ssm and cloud ssm and it should be bidirectional and first on prem ssm will initiate requst.

 

No need to create rule for cucm sub since pub will manage .

 

 

Content for Community-Ad

Spotlight Awards 2021