09-28-2020 03:46 AM
Hi,
From the telphone vlan is it ok blocking http and http access to the call manager ?
Or what port need to be opened from phone vlan to cucm
Thanks
09-28-2020 05:16 AM
Phone | Unified Communications Manager | 53/ TCP | Session Initiation Protocol (SIP) phones resolve the Fully Qualified Domain Name (FQDN) using a Domain Name System (DNS)
| ||
Phone | Unified Communications Manager (TFTP) | 69, then Ephemeral / UDP | Trivial File Transfer Protocol (TFTP) used to download firmware and configuration files | ||
Phone | Unified Communications Manager | 2000 / TCP | Skinny Client Control Protocol (SCCP) | ||
Phone | Unified Communications Manager | 2443 / TCP | Secure Skinny Client Control Protocol (SCCPS) | ||
Phone | Unified Communications Manager | 2445 / TCP | Provide trust verification service to endpoints. | ||
Phone | Unified Communications Manager (CAPF) | 3804 / TCP | Certificate Authority Proxy Function (CAPF) listening port for issuing Locally Significant Certificates (LSCs) to IP phones | ||
Phone | Unified Communications Manager | 5060 / TCP and UDP | Session Initiation Protocol (SIP) phone | ||
Unified Communications Manager | Phone | ||||
Phone | Unified Communications Manager | 5061 TCP | Secure Session Initiation Protocol (SIPS) phone | ||
Unified Communications Manager | Phone | ||||
Phone | Unified Communications Manager (TFTP) | 6970 TCP | HTTP-based download of firmware and configuration files | ||
Phone | Unified Communications Manager (TFTP) | 6971, 6972 / TCP | HTTPS interface to TFTP. Phones use this port to download a secure configuration file from TFTP. | ||
Phone | Unified Communications Manager | 8080 / TCP | Phone URLs for XML applications, authentication, directories, services, etc. You can configure these ports on a per-service basis. | ||
Phone | Unified Communications Manager | 9443 / TCP | Phone use this port for authenticated contact search. | ||
Phone | Unified Communications Manager | 9444 | |||
IP VMS | Phone | 16384 - 32767 / UDP | Real-Time Protocol (RTP), Secure Real-Time Protocol (SRTP)
| ||
Phone | IP VMS |
10-12-2020 03:07 AM - edited 10-12-2020 03:08 AM
first of all its varies between phone types and what you configured in CUCM side.
mostly, the phones use http/s to get xml files from some services like extension mobility, directory services and so on.
but I think your question is not for the "http" protocol but the protocol tcp port.
http default port is tcp/80
but cucm http default port is tcp/8080
go to system>enterprise parameters and see what pathes did you configured for directory services + see if your cucm use custom phone services and then decide if to block or not.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: