From: Scott Morris (swm@emanon.com)
Date: Mon Aug 02 2004 - 19:57:37 GMT-3
32767 is actually the end port. 32768 is the beginning port for the
whiteboard space of H.323...
Otherwise, if you are using any "feature negotiation" within the H.323 spec
you would need to allow H.245 as well, which is in the TCP 11000-11999
range.
While having more information (for CallManager), this may help you out:
http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186
a00801a62b9.shtml
HTH,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIP, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
gladston@br.ibm.com
Sent: Monday, August 02, 2004 6:14 PM
To: ccielab@groupstudy.com
Subject: VOCIE + Security
Sorry if this is to basic. I could not find an answer searching at Cisco and
Google.
If we need to allow Voice between R1 and R3 (R1 and R3 calls each other),
would these commands be enough if R2 has in access-list inbound on the
interface connected to R1?
permit tcp any any eq 1720
permit tcp any eq 1720 any
permit udp any any range 16384 32768
Just using "16384 32768" do the job?
This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:31 GMT-3