11-26-2012 08:45 AM - edited 03-21-2019 06:39 AM
Customer needs to communicate to server at home location via port 1150. UC540 is using auto generated ACLs. I tried adding a line to permit the IP and the port on ACLs 104 and 102 with no luck.
Solved! Go to Solution.
11-26-2012 08:49 AM
Outbound connections ar never blocked without need to explcitiely allow them for each port, so either you don't have all the info, or UC500 is not the cause of the problem.
11-26-2012 08:49 AM
Outbound connections ar never blocked without need to explcitiely allow them for each port, so either you don't have all the info, or UC500 is not the cause of the problem.
11-26-2012 08:58 AM
The vendor is trying to connect via port 1150 to a public IP from our network. When they try outside of our network, they are able to connect to the server which is behind a Netgear with port forwarding turned on.
11-26-2012 09:31 AM
I’m going to attempt to explain better.
Last week I installed the UC540. Our customer only has three phones on the system. The wireless is active and they will be connecting some PCs via the back of the phones.
VLAN 1 is 192.168.20.0/24 and VLAN 100 is 10.1.1.0/24.
On Wednesday, my customer’s computer vendor installed three PCs that need to connect back to the main branch to a server. Their software communicates via port 1150. Even though the vendor had tested from their location, they were unsuccessful at connecting the same PC from our network through the UC540.
11-26-2012 11:23 AM
You can test that yourself, a PC issue 'telnet
11-26-2012 01:23 PM
OK! Thanks for the feedback! It's a two hour drive, but I'm going to visit the customer tomorrow and test for myself. Like you, I don't see why the default, auto generated ACLs wouldn't allow access from our network to another network. They claim to have opened/forwarded ports, etc. Something is missing and it's going to take a site visit to get to the bottom of this issue!.
I will follow-up once we figure it out!
Thanks for your replys!
11-26-2012 01:57 PM
I would have them launch one of the many remote support apps and check on things from home....
Really no reason to drive (unless scenic route and/or enjoyable vehicle )
11-30-2012 11:51 AM
OK - The issues turned out to be that both locations (with in a mile of each other) were on the same provider and the same subnet. The provider doesn't allow IPs on the same subnet to communicate.
Changing the IP to one of the locations resolved the issue.
Basically, Paolo was correct when he said "Outbound connections are never blocked without need to explicitly allow them for each port, so either you don't have all the info, or UC500 is not the cause of the problem."
His explanation was repeated by Cisco TAC when I placed a service call. This lead me to make a site visit to both locations where I discovered that the two locations could not see each other.
I installed a UC540 at one of the locations. I had never been to the other. My customer's vendor couldn't figure out the issue and pointed the finger at the UC540.
Paolo - Thanks for your response!!
11-30-2012 01:27 PM
It was a little tricky issue anyway.
Thank you for the nice rating and good luck!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide