WebEx Call not working

vikaskm11 · ‎05-08-2020

Hello Team,

I have issue , CUCM register EPs are not able to Call WebEx.

EP>>CUCM>>Exp C >>Exp E >> Web Ex

When we check Exp E search history we see "Request Timeout". In Wireshark we see Exp E ( LAN 2 IP ) re transmission TCP pack packets to WebEx Public IP.

This may be issue port blocked on FW.

I want to know is it necessary we need to open 5061/5060 from internal to external ?

2nd : If we ask FW team to open ports from External to internal than what should be the internal IP is it Public IP of Expressway E or LAN 2 IP of expressway E.

Mike_Brezicky · ‎05-11-2020

Do you have the webex zone for Hybrid calling setup on the Expressway E? I believe it should be using the mutual TLS port - 5062, not the SIP or SIPS port.

Eric Ingram · ‎05-13-2020

I pulled the below from our request to FW team, but all this came from the guide https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X12-5/Cisco-Expressway-IP-Port-Usage-for-Firewall-Traversal-Deployment-Guide-X12-5.pdf

Look around page 18, It has some really good diagrams of port usage between exp c, exp e and the firewall to internet.

IP	Port
Public IP LAN 2	SIP RTP/UDP - 5060
Public IP LAN 2	SIP TCP/TLS 25000-29999
Public IP LAN 2	SIP TCP 5060
Public IP LAN 2	SIP TLS 5061
Public IP LAN 2	RTP/RTCP UDP 36000 - 59999
Public IP LAN 2	DNS TCP/UDP – 53


Private IP LAN 1	RTP/RTCP UDP 36000 - 59999
Private IP LAN 1	SIP TLS 5061
Private IP LAN 1	SIP TCP 5060
Private IP LAN 1	SIP TCP 25000-29999
Private IP LAN 1	TCP - 7001
Private IP LAN 1	DNS TCP/UDP - 53
Private IP LAN 1	UDP - 123
Private IP LAN 1	TCP 3478
Private IP LAN 1	UDP 3478
Private IP LAN 1	TCP – 22
Private IP LAN 1	HTTPS – 443
Private IP LAN 1	SNMP
Private IP LAN 1	TCP/UDP 30000-35999 (syslog)

Management IP	HTTPS – 443
Management IP	TCP - 22

rate if helpful!

CHEERS