Xcode ressource behind firewall, what ports to permit

Unanswered Question
Mar 2nd, 2009
User Badges:

Hi all,

I install a gateway 2821 to have a XCODE ressources, the gateway will be behind a firewall, anybody know please what ports must be permit in the firewall ? is the IP Phones witch will use the transcoder sessions communicate with the gateway directly with rtp for example or just with the callmanager ?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
testeven Mon, 03/02/2009 - 05:58
User Badges:
  • Cisco Employee,


RTP media will be established between endpoints, CUCM will be in charge of the signaling and to see where to route the call and which

meida resources to engage if needed/applicable. Therefore, gateways and media resources will handle RTP streams.

You'll need to open RTP ports or you can use an ACL.

"Unlike an ACL, most firewall configurations will open only the RTP stream port that Unified CM has told the phone and the gateway to

use between those two devices as long as the signaling goes through the firewall. "

You can check the SRND Voice security chapter for more information:


Hope this helps!



mohamedessoufy Mon, 03/02/2009 - 06:33
User Badges:


Thank you Teresa for you answer, it helps very well.

an IPCC server will use the XCODE hardware ressources, i want to know please if that the IPCC server communicate RTP directly with the Gateway or that the CTI Route point that do it.

Best Regards,


testeven Mon, 03/02/2009 - 06:43
User Badges:
  • Cisco Employee,


If you refer to the UCCX SNRD you'll see that the RTP stream is established between the CTI port and the GW.

(Please check page 42 for a detailed call flow example/explanation)

"The Accept step in the application will answer the call by sending a message to Cisco Unified CM to establish an

RTP stream between the selected CTI Port and the Voice Gateway (VG) port (or calling IP Phone)"


Have a nice day!



This Discussion