Minimum open port requirements

Unanswered Question
Jul 11th, 2007

Hi I have a VOIP at the office and lately I?ve been getting complaints that not all call get through, and it?s something that happens very sporadicly.

So I?m thinking maybe I don have all the required ports open in our firewall.

I have the 16384-32767 range, and other ports like the 2000.

Are there any other ports that should be open and I?m not doing this right.

We have Cisco CallManager 3.3 and Cisco IP Phones 7940

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ZychoFlow Wed, 07/11/2007 - 12:18

Until now they?ve all been to PSTN so I?m basicly thinking that it should be the firewall that filters out the internet access.

I had already found that link. I guess I was just kind of hesitant to open all of those ports.

Since I?m no guru in IP telephony I was just wondering which ports are required to go through the firewall to the outside in order to place outbound calls.

But thanks a lot for your help I?ll take another look at that page.

Brandon Buffin Wed, 07/11/2007 - 12:22

Your internet firewall should not be between your phones/Callmanager and the PSTN. What are you using for PSTN access (PRI, FXO, etc.)? Is it possible that you are using the capacity of your PSTN access?

Brandon

ZychoFlow Wed, 07/11/2007 - 12:54

Well our current setup is a Cisco router (1790 I think) which connects to two T1 lines (one for data and one for voice, so correct me if I?m wrong but I guess that that?s an ISDN PRI...)

Then another line connects to the firewall, and everything else is behind the firewall.

So if I understood correctly your saying that the call manager and the IP phones shouldn?t be behind the router. Is this due to performance issues?

The only error messages that I?m getting in my firewall are ?out-of-state packets?, maybe that helps.

Brandon Buffin Wed, 07/11/2007 - 13:07

The phones and Callmanager should be behind the router, but traffic destined for the PRI is not being filtered by firewall rules. One quick way to look at the number of active calls is to issue the "show call active voice compact" command on the router. You can also use the RTMT anc CAR tools to look at usage statistics for the gateway.

RTMT

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a00802df0c4.html

CAR

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a00802df08f.html

Brandon

ZychoFlow Wed, 07/11/2007 - 17:32

Ok thank you very much I'll definitely try them out and let you know.

And thanks again Brandon

Actions

This Discussion