11-12-2017 10:30 AM - edited 02-21-2020 06:43 AM
Hello everyone,
Im very new here and to this device, so excuse me for such a noob question.
My manager told me to open on firewall ports for IP softphones, servers are located in cloud on the internet.
internal addresses are any from local network.
Outside servers 1.206.34.96/28
required ports
from servers to local network tcp 5060-5065
from servers to local network udp 5060-5065
from servers to local network tcp 20000-65000
from local to servers tcp 5060-5065
from local to servers tcp 80
from local to servers tcp 443
from local to servers udp 5060-5065
from local to servers udp 30000-65000
please guide me through what should be done in ASDM for:
Access Rules
NAT Ruless
11-13-2017 01:24 AM
Here are some links on how to configure ACL and NAT on the ASA via GUI:
If the server is server needs to initiate traffic to the phones you will need a one to one NAT for every phone.
I am not a voice specialist, but as far as I know NAT is not usually used for voice implementation.
11-15-2017 04:52 AM
Hello - This should be pretty straight forward, you shouldn't have to do anything with NAT statements. If these phones are pulling configs from the web, you'll need to open those ports on your inbound access list.
If you have Smartnet on your ASA, I highly recommend opening a support case with Cisco TAC. There's a whole lot of info needed to help you if you're not familiar with the ASA (model, software version, partial config, etc). If you do open a ticket with TAC, they'll want CLI access so make sure you can access that before hand to speed things up.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide