cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

814
Views
0
Helpful
2
Replies
Highlighted

VCS Registration only via SIP TLS, but B2B Calls via all Protocols,Possible via CPL?

Dear all,


my customer wants to allow endpoints to only register via SIP TLS on their VCS-Expressway.

B2B calls shall be allowed via both SIP TLS & TCP as well as H323.

Is there a way on VCS to deny SIP TCP and H323 registrations via CPL?

If yes, how?

I made a quick drawing and attached it as pdf, to clarify what I mean.

Thanks in advance!


Best regards,

Alex

Everyone's tags (6)
2 REPLIES 2
Participant

VCS Registration only via SIP TLS, but B2B Calls via all Protoco

H323 registration can be stopped simply be creating a Deny rule for your H323 registration port (default is 1719/udp) on the VCS's built-in firewall.  I had to restart the VCS for it to take effect, although I shouldn't have.  SIP is much more difficult though because the registration port is not unique--it's the same port used for call setup.  I don't recall anything in CPL that will let you do this, but I'm sure others have more experience with CPL than I do.

Cisco Employee

VCS Registration only via SIP TLS, but B2B Calls via all Protoco

Hi Alexander,

please check if setting up Default Zone Access Rules would resolve your problem - (

Configuration>Zones >Default Zone access rules).

And also I imagine that the local and remote expressway will establish client - server traversal zone , correct?

Regars//Andrey

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here