CTI OS Toolkit Desktop sends a heartbeat to CTIOS Server every 5 seconds by default.
Similarly, SCCP phones send a keepalive to their Primary CUCM server every 30 seconds, and their Secondary every 60 seconds (as defined in the phone's CUCM group): https://supportforums.cisco.com/document/74666/cucm-ip-phone-sccp-keepalive-and-failover-architecture
These fall well within your 60 minute session timeout.
The saidkeep-alivemechanisms ofIPphoneand client softwareare known to me,but the questionis more abouttheSessionTimeoutbehavior ofthefirewall. As far as IunderstandFortigatehas the abilityto link it toa(specific)port.I lackknowledge ofFortigate to be sure,hence thequestions. I imaginethat itcould be a problemifanapplication communicatesover aspecific port(eg42027)and is not accessibleto thestandardICMP(ping)port.
Thank you too for taking the time for reading/responding to my post.
To answer your question: These Firewall(s) are used (at least) between the central equipment and users (Phones and Desktop).
But the question is not about the specific ports which must be open to allow communications between the components, they are documented and known (more or less :-), but more about the behavior of the Firewall itself around Sessions.
A Firewall can close Sessions after a certain timeout when no traffic is detected between 2 points (for example between Desktop client and Desktop server).
I can imagine that this could create problems when the mechanism is active but bound to the "wrong ports" or any other configurable items. Hence the question about the availability of (written) notes, remarks, comments or alike which could be useful in such case.
Are you getting this error “Installer User Interface Mode Not Supported. The installer cannot run in this UI mode. To specify the interface mode, use the -i command-line option, followed by the UI mode identifier. The value UI mode identifiers...
The below trick might come handy when you have to add a new node to a cluster but you don't have or is unsure of the security password for the publisher. This procedure has been around for ages.
1) Login into the CLI of the Publisher.