Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1233
Views
0
Helpful
1
Replies

Firewall: SIP dynamic audio ports connections

johng231
Level 3
Level 3

‎02-04-2010 08:17 AM - edited ‎03-11-2019 10:05 AM

Hello,

Is there away of creating a policy-map that allows UDP ports to open up dynamically for 10000-49999 ratherthan open them up in an ACL? After a call is made thru the firewall, it uses UDP ports 10000-49999. I don't want to open up all these ports.

Thanks

Labels:
0 Helpful
1 Reply 1

johng231
Level 3
Level 3

‎02-05-2010 07:10 AM

I've gotten it to work by creating the following policy:

access-list 100 line 1 extended permit udp any any range 10000 49999

class-map sip_audio_port
match access-list 100

policy-map sip_policy
class sip_audio_port
  inspect sip

service-policy sip_policy interface inside
service-policy sip_policy interface VOICE

Why should I have to specify the high range when SIP is enabled by default for the inspect policy? The inspect policy for SIP should know how to open up these high ports automatically.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card