Telepresence mx300 ip inspect

Ruslan Bogdan-Blackitny · ‎11-20-2012

Hello.

Got a single Telepresence mx300 without any server in our office.

In short time it starts to receive numbers of spam calls- on the internet channel which telepresence uses, there was no firewall whatsoever.

So we applied an ACL on vlan in which telepresence is, with numbers of allowed hosts to receive and make calls. But also, we'd like to configure ip inspect for making calls on any hosts without adding them to ACL.

We put numbers of protocols in ip inspect, but with it applied, we can't make calls, so I thinks we missed a few protocols.

Can someone suggest, which protocols must be added to?

Thanks!

Tomonori Taniguchi · ‎11-21-2012

Here is list of ports that MX300 will use however RTP media port range is very depend on far end device and software version.

For H.323:

Gatekeeper Discovery (RAS): Port 1719 (UDP)
Q.931 call Setup: Port 1720 (TCP)
H.245(Static): Port Range 5555-6555 (TCP), if port allocation configuration set to “Static”
H.245(Dynamic): Port Range 11000-20999 (TCP), if port allocation configuration set to “dynamic”
Video*: Port Range 2326-2485 (UDP)
Audio*: Port Range 2326-2485 (UDP)
Data/FECC*: Port Range 2326-2485 (UDP)
*Configurable by "RTP Ports Range Start" and "RTP Ports Range Stop"

For SIP:

SIP messages Port 5060 UDP/TCP
SIP messages Port 5061 TLS(TCP)
Video* Port Range 2326-2485 UDP
Audio* Port Range 2326-2485 UDP
*Configurable by "RTP Ports Range Start" and "RTP Ports Range Stop"

alcidio.tembe1 · ‎11-06-2015

Hello tomtanig

How are you doing? I am good!

I have to implemente the Telepresence Mx300 in my office, so the issue is:

I have one NAT Overload for the LAN, so on the same Public IP addresse I would like to implement the static NAT based on ports that the telepresence use, but I dont have the ideia how to do it because I see many ports that Telepresence use.

Could you please support me!

Thanks

Alcidio Tembe