Hi all,
I am wondering if I can get some assistance with a configuration question. Below is the Firewall Guide for WebProxy for WebRTC:
TURN client requests | Meeting Server 10.0.0.1 | 1024-65535 | UDP | Expressway-E TURN server private IP 10.0.0.1 | 3478 |
TURN relays | Original Source: Expressway-E Private IP 10.0.0.1; Translated Source: Expressway-E Public IP 200.1.2.4 | 24000-29999 | UDP and TCP | Original Destination: Expressway-E Public IP 200.1.2.4; Translated Destination: Expressway-E Private IP 10.0.0.1 | 24000-29999 |
TURN relay (On premises) | Expressway-E Private IP | 24000-29999 | UDP and TCP | Expressway-E Private IP | 24000-29999 |
TURN relays | Meeting Server | Ephemeral | UDP | Expressway-E public IP | 24000-29999 |
I am trying to understand the last two rows. I would have thought that the meeting server at 10.0.0.1 would need Eph ports open to the Expressway-E Private IP and not the Public IP on the last row?
Also, for the TURN relay (On premises) on the second-last line, why is the FW supposed to be open between the same IPs? Private to Private? The image associated with the link below actually shows that those ports should be External to External?
We have a cluster of EW-Es configured and will need to enable NAT Reflection on the external FW.
Any advice would be appreciated.
Thanks,
https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X12-5/Cisco-Expressway-IP-Port-Usage-for-Firewall-Traversal-Deployment-Guide-X12-5.pdf