Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Call Manager 4.1 thru PIX firewall

Has anyone configured PIX 7 to allow communication with Cisco Call Manager protected by the firewall.

The Cisco pdf titled "Cisco Callmanager 4.1 TCP and UDP port usage" states that between phones and Call Manager for TFTP - port 69 then ephemeral UDP ports need to be allowed.

Is the function of the INSPECT TFTP (previously FIXUP PROTOCOL TFTP) not to monitor for the required ports so that ephemeral ports dont have to be opened up?

Is this peculiar to Call Manager 4.1 as I have configured PIX with earlier versions and have not been required to open these ephemeral ports.

New Member

Re: Call Manager 4.1 thru PIX firewall

exactly, add the "inspect tftp" and all gonna be ok.

FYI: ephemeral ports are from 49154 to 65534

New Member

Re: Call Manager 4.1 thru PIX firewall

Thanks for the reply Francis. Have you tried this configuration CCM 4.1 / PIX 7.x?

I tried it and it would only work when I opened up the ephemeral ports from the phones and gateways to the Call Manager.

I am confused as to why the documentation says it is required to do this.