01-26-2016 08:26 AM - edited 03-18-2019 11:47 AM
So I was wondering what is the best practice when it comes to voice networks and firewall ports, I remember that somebody told me that unrestricted access is the best way to go to avoid any one-way audio and similar, which makes sense for voice vlans, but now with Jabber and other Collaboration solutions, IP to IP is still recommended?
I found this URLs:
Adding a bunch of line on the firewall for all the ports and protocols is not completely smart (yes, you can use object groups but still is a lot of work, and difficult to troubleshoot in my opinion)
What is your recommendation or best practice to allow communication between collaboration subnets?
Thank you.
Rolando Valenzuela.
01-27-2016 01:25 AM
Don't run voice through a firewall unless you really have to.
01-27-2016 07:52 AM
Unfortunately in my case, I have to :( if that is the case? IP2IP will be the best?
Thanks!
Rolando Valenzuela.
02-01-2016 09:22 AM
If you need to run voice through firewall you need to open the required ports as documented in Cisco guides. It really depends on what is behind firewall, i.e. just phones, GW, CUBE, applications, etc?
02-01-2016 09:29 AM
Well, my concern is mostly with Jabber.
For voice only networks I dont my go IP-IP, but whit Jabber in mind, PC networks needs those access too and the port list increase with each release, so if I have Jabber+phones+GW+CUCM?
Thanks.
02-01-2016 09:34 AM
Well, there is not magic here.
If you want firewall between CUCM/phones,client you need to open the ports.
Is the firewall on the internal network? Do you have network diagram showing which components are in which firewall zone?
02-02-2016 12:32 PM
No at the moment, and is not a design problem, is more a "learning" problem.
Dont worry to much Chris, thank you for all your help! :D
Rolando Valenzuela.
02-02-2016 08:47 PM
You should allow the required to pass-through the firewall. Yes it is a pain and there is no silver bullet.
02-01-2016 08:14 AM
-Bump-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide