cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1473
Views
0
Helpful
2
Replies

Cisco ZBF & Facetime

nicolas.bedard
Beginner
Beginner

Does anyone know how to let facetime going through Cisco ZBF ?

It uses a bunch of ports like describled in Apple's KB: http://support.apple.com/kb/HT4245

Now what can I do if I let those protocol going out:

class-map type inspect match-any INTERNET-ACCESS_CLASS
match protocol http
match protocol https
match protocol ftp
match protocol smtp
match protocol pop3
match protocol ipsec-msft
match protocol isakmp
match protocol imaps
match protocol imap3
match protocol imap
match protocol icmp
match protocol msnmsgr

How can I get facetime going out ?

I use a 1811-SEC router

thanks !

1 Accepted Solution

Accepted Solutions

Loren Kolnes
Cisco Employee
Cisco Employee

Hi Nicols,

You could try using port-maps to define the facetime traffic to be inspected. Something like the following:

ip port-map user-facetime1 port udp 3478 3497

ip port-map user-facetime2 port udp 16384 16387

ip port-map user-facetime3 port udp 16393 16402

ip port-map user-facetime4 port tcp 5223

class-map type inspect match-any facetime_access_class

match protocol user-facetime1

match protocol user-facetime2

match protocol user-facetime3

match protocol user-facetime4

class-map type inspect match-any INTERNET-ACCESS_CLASS

match protocol http

match protocol https

match protocol ftp

match protocol smtp

match protocol pop3

match protocol ipsec-msft

match protocol isakmp

match protocol imaps

match protocol imap3

match protocol imap

match protocol icmp

match protocol msnmsgr

match class-map facetime_access_class

Let me know if you have any questions.

Thanks,

Loren

View solution in original post

2 Replies 2

Loren Kolnes
Cisco Employee
Cisco Employee

Hi Nicols,

You could try using port-maps to define the facetime traffic to be inspected. Something like the following:

ip port-map user-facetime1 port udp 3478 3497

ip port-map user-facetime2 port udp 16384 16387

ip port-map user-facetime3 port udp 16393 16402

ip port-map user-facetime4 port tcp 5223

class-map type inspect match-any facetime_access_class

match protocol user-facetime1

match protocol user-facetime2

match protocol user-facetime3

match protocol user-facetime4

class-map type inspect match-any INTERNET-ACCESS_CLASS

match protocol http

match protocol https

match protocol ftp

match protocol smtp

match protocol pop3

match protocol ipsec-msft

match protocol isakmp

match protocol imaps

match protocol imap3

match protocol imap

match protocol icmp

match protocol msnmsgr

match class-map facetime_access_class

Let me know if you have any questions.

Thanks,

Loren

I needed to modify it a bit. But it's working.

here is what I changed in the config:

ip port-map user-facetime1 port udp from 3478 to 3497

ip port-map user-facetime2 port udp from 16384 to 16387

ip port-map user-facetime3 port udp from 16393 to 16402

ip port-map user-facetime4 port tcp 5223

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: