09-20-2015 08:03 AM - edited 03-19-2019 10:07 AM
We have Expressway Setup with Public IP NATed to Expressway Private IP.
The issue is that the Company Security Policy does not allow opening ports of huge range from Public to Inside as mentioned below :-
Type | Description | Protocol | IP address | IP port | Transport |
H.323 | Call signaling port range | H.323 | Public IP | 15000 to 19999 | TCP |
Media | Media port range | RTP,RTCP | Public IP | 36000 to 59999 | UDP |
TURN Srv media | TURN server media | Public IP | 24000 to 29999 | UDP |
What is the work around for this ? Is there away to shorten these ranges ?
09-20-2015 09:09 AM
I am not aware of a workaround, you need to open ports as documented in the Expressway deployment guide if your organization wants to utilize the product.
09-21-2015 02:04 AM
But still I feel we can at least Squeeze the range by some way.
Is it mandatory that all these range has to be allowed from INTERNET to EXP-EDGE ?
09-21-2015 03:16 AM
I doubt Cisco would put a range in unless it was required.
The only thing I can suggest is to check the firewall logs to see what ports the devices are actually using. I suspect it will not be 15001, 15002, 15003 in sequence however so you may be forced to just open up the ports as described in the Deployment guide if you want it to work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide