09-28-2020 03:46 AM
Hi,
From the telphone vlan is it ok blocking http and http access to the call manager ?
Or what port need to be opened from phone vlan to cucm
Thanks
09-28-2020 05:16 AM
Phone | Unified Communications Manager | 53/ TCP | Session Initiation Protocol (SIP) phones resolve the Fully Qualified Domain Name (FQDN) using a Domain Name System (DNS)
| ||
Phone | Unified Communications Manager (TFTP) | 69, then Ephemeral / UDP | Trivial File Transfer Protocol (TFTP) used to download firmware and configuration files | ||
Phone | Unified Communications Manager | 2000 / TCP | Skinny Client Control Protocol (SCCP) | ||
Phone | Unified Communications Manager | 2443 / TCP | Secure Skinny Client Control Protocol (SCCPS) | ||
Phone | Unified Communications Manager | 2445 / TCP | Provide trust verification service to endpoints. | ||
Phone | Unified Communications Manager (CAPF) | 3804 / TCP | Certificate Authority Proxy Function (CAPF) listening port for issuing Locally Significant Certificates (LSCs) to IP phones | ||
Phone | Unified Communications Manager | 5060 / TCP and UDP | Session Initiation Protocol (SIP) phone | ||
Unified Communications Manager | Phone | ||||
Phone | Unified Communications Manager | 5061 TCP | Secure Session Initiation Protocol (SIPS) phone | ||
Unified Communications Manager | Phone | ||||
Phone | Unified Communications Manager (TFTP) | 6970 TCP | HTTP-based download of firmware and configuration files | ||
Phone | Unified Communications Manager (TFTP) | 6971, 6972 / TCP | HTTPS interface to TFTP. Phones use this port to download a secure configuration file from TFTP. | ||
Phone | Unified Communications Manager | 8080 / TCP | Phone URLs for XML applications, authentication, directories, services, etc. You can configure these ports on a per-service basis. | ||
Phone | Unified Communications Manager | 9443 / TCP | Phone use this port for authenticated contact search. | ||
Phone | Unified Communications Manager | 9444 | |||
IP VMS | Phone | 16384 - 32767 / UDP | Real-Time Protocol (RTP), Secure Real-Time Protocol (SRTP)
| ||
Phone | IP VMS |
10-12-2020 03:07 AM - edited 10-12-2020 03:08 AM
first of all its varies between phone types and what you configured in CUCM side.
mostly, the phones use http/s to get xml files from some services like extension mobility, directory services and so on.
but I think your question is not for the "http" protocol but the protocol tcp port.
http default port is tcp/80
but cucm http default port is tcp/8080
go to system>enterprise parameters and see what pathes did you configured for directory services + see if your cucm use custom phone services and then decide if to block or not.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide