Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
677
Views
4
Helpful
4
Replies

VIDEO CONFRENCING THROUGH THE ASA

harvinder-s
Level 1
Level 1

‎11-16-2011 08:16 AM - edited ‎03-11-2019 02:51 PM

HI can anyone tell me what ports need to be allowed to allow video confrencing through the ASA

can i use nat instead of access lists to do the same

Labels:
0 Helpful
4 Replies 4

ajay chauhan
Level 7
Level 7

‎11-16-2011 08:25 AM

Incase of H323.

PORTTYPEPROTOCOLDESCRIPTION
1719StaticUDPGatekeeper RAS
1720Static TCPQ.931 (Call Setup)
1024-65535Dynamic TCPH.245(Call Parameters)
1024-65535DynamicUDP (RTP)Video Data Streams
1024-65535Dynamic UDP (RTP)Audio Data Streams
1024-65535DynamicUDP (RTCP)Control Information


You can use NAT but better not to use.

Thanks

ajay

harvinder-s
Level 1
Level 1
In response to ajay chauhan

‎11-16-2011 08:30 AM

Thanks for the reply ajay but opening so many ports would make the firewall vulnerable.

so how can i do it using nat

0 Helpful

mvsheik123
Level 7
Level 7
In response to ajay chauhan

‎11-16-2011 01:19 PM

Hi,

I recently setup a VC (polycom) behind ASA 5510. port requirement may depent on vendor - below are tehe ports I used..

tcp h323 & 1731

tcp  3230 3235

udp 3230 3253

udp 1718 & 1719

Also, once you set up you can do a free test using IPs listed at vtctest.com. As part of security, i disabled 'icmp echo' from outside to this static Nat'd ip.

hth

MS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card