I'm looking for a sample ACL to allow CUCM and Unity Connection traffic only. We are providing voip service to a near by hospital and we are wanting to restrict traffic, while allowing traffic for voice services.
CUC provides all the required ports in the security guide, CUCM has a dedicated guide for TCP/UDP ports. Remember to consider voice traffic is directly between endpoints.
Yeah, I had already looked at the guide and the ports, but the list seemed rather long, so I was wondering if someone already had an acl built with all the needed ports to save some time.
One point to add, I would assume that CUCM and Unity are in the same LAN which is usually the case (not mandatory but this whats usually the case). If so you need to use L2 ACLs. Now, if they are deployed as VMs, the only way to do this is to have sophisticated virtual switch (Nexus 1000v or NSX) to apply port restrictions.
They will be in different vlans. There will be an existing CUCM Subscriber and tftp at the customer site in vlan 10 and Unity Connection, Publisher and other subscribers will be at the main site within vlan 20.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
