Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.


Supervisor Desktop/Checkpoint Firewall


having a little issue with A supervisor and agent desktop configuration. all clients are behind a checkpoint firewall and the CCM 4.X with co resident 3.5(2) IPCC standard is protected by this firewall. the application traverses the checkpoint to establish connectivity. had to open up a few ports and now the application itself is working. however, i cannot see any desktop agents or phone agents displayed. my security engineer checked and showed me that there is a handshaking issue and packets are no in syn hence dropping the packets causing the loss.

to test we turned off packet inspection on the checkpoint and that worked perfectly. we renabled and created a script on the firewall to enable the ports as documented in the cisco document. however, it seems as though CAD is doing dynamic port assignment so when we specify certain ports, more comes about and are blocked.

Question: how can this be solved without leacing packet insepction off. is this maybe an CAD application issue and if so can i download and update the CAD application to say 6.x or 7. im not seeing anywhere that the application can be downloaded separately.

please advise and thanks in advance.


Re: Supervisor Desktop/Checkpoint Firewall

Opened a case with TAC

Said that supervisor/agent desktop is not supported with NAT/Firewall.

i could swear i read something stating the opposite.

any ideas?

CreatePlease to create content