Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1505
Views
15
Helpful
4
Replies

CWMS UDP ports for Audio and Video for external clients

Go to solution
Aman .
Level 1
Level 1

‎07-09-2015 10:00 PM - edited ‎03-17-2019 05:20 PM

Which ports does CWMS uses for Audio and Video media transmission for clients that are trying to connect via internet ?

if it is SSL, How does it pass RTP through SSL ports ? .. is that possible ?

Will audio and video web conferencing work without allowing ephemeral UDP ports (16000 to 32000) for clients that are trying to connect via internet ?
 

Below are the texts from planning guide, but it is still confusing.

"The default UDP port used for external clients for audio and video data transmission is SSL (port 443). "

"

UDP ports to open between the internal machines

udp range:10000:19999

udp range:16000:32000

udp range:9000:9009

udp 5060

udp 5062

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dpetrovi
Cisco Employee
Cisco Employee

‎07-10-2015 05:01 AM

Hi Aman,

All the communication between external clients and the IRP server is done via port 443 (HTTPs). PC Audio, Video, and Data is encrypted. The information is tunneled from IRP to internal Media VMs via 443 as well.

As for RTP streams between the actual phones and CWMS, this can also be encrypted by TLS if you deployed CWMS that supports audio encryption and configured TLS on CWMS and CUCM servers. This traffic doesn't go through IRP server, but follows standard telephony path.

The UDP ports listed are used on the internal network between internal VMs and internal clients (if the internal clients are connecting to WebEx Site URL using Private VIP and not the Public VIP).

 

I hope this clarifies it.

-Dejan

View solution in original post

4 Replies 4

Go to solution
Terry Cheema
VIP Alumni
VIP Alumni

‎07-09-2015 10:57 PM

Yes you can run VoIP traffic over the SSL. This is probably done to secure this traffic.

-Terry

Please rate all helpful posts

Go to solution
Aman .
Level 1
Level 1
In response to Terry Cheema

‎07-10-2015 06:48 PM

Hi Terry,

 

Yes I saw in Cisco Documentation that they mentioned port 443, and that they mentioned at other places that the traffic is encrypted. But never saw them brag about using this RTP within HTTPS technology, so that added to confusion.

Now it is clear.

Thanks,

Aman

0 Helpful

Go to solution
Terry Cheema
VIP Alumni
VIP Alumni
In response to Aman .

‎07-12-2015 04:10 PM

Aman glad that helped. Yes VoIP can now be encrypted within SSL/TLS.

-Terry

0 Helpful

Go to solution
dpetrovi
Cisco Employee
Cisco Employee

‎07-10-2015 05:01 AM

Hi Aman,

All the communication between external clients and the IRP server is done via port 443 (HTTPs). PC Audio, Video, and Data is encrypted. The information is tunneled from IRP to internal Media VMs via 443 as well.

As for RTP streams between the actual phones and CWMS, this can also be encrypted by TLS if you deployed CWMS that supports audio encryption and configured TLS on CWMS and CUCM servers. This traffic doesn't go through IRP server, but follows standard telephony path.

The UDP ports listed are used on the internal network between internal VMs and internal clients (if the internal clients are connecting to WebEx Site URL using Private VIP and not the Public VIP).

 

I hope this clarifies it.

-Dejan

Customers Also Viewed These Support Documents