Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

VIDEO CONFRENCING THROUGH THE ASA

HI can anyone tell me what ports need to be allowed to allow video confrencing through the ASA

can i use nat instead of access lists to do the same

4 REPLIES

VIDEO CONFRENCING THROUGH THE ASA

Incase of H323.

PORTTYPEPROTOCOLDESCRIPTION
1719StaticUDPGatekeeper RAS
1720Static TCPQ.931 (Call Setup)
1024-65535Dynamic TCPH.245(Call Parameters)
1024-65535DynamicUDP (RTP)Video Data Streams
1024-65535Dynamic UDP (RTP)Audio Data Streams
1024-65535DynamicUDP (RTCP)Control Information


You can use NAT but better not to use.

Thanks

ajay

New Member

VIDEO CONFRENCING THROUGH THE ASA

Thanks for the reply ajay but opening so many ports would make the firewall vulnerable.

so how can i do it using nat

VIDEO CONFRENCING THROUGH THE ASA

VIDEO CONFRENCING THROUGH THE ASA

Hi,

I recently setup a VC (polycom) behind ASA 5510. port requirement may depent on vendor - below are tehe ports I used..

tcp h323 & 1731

tcp  3230 3235

udp 3230 3253

udp 1718 & 1719

Also, once you set up you can do a free test using IPs listed at vtctest.com. As part of security, i disabled 'icmp echo' from outside to this static Nat'd ip.

hth

MS

457
Views
4
Helpful
4
Replies
CreatePlease to create content