Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
513
Views
0
Helpful
3
Replies

Unity Server trying to contact external host on udp port 1064

tracey.marshall
Level 1
Level 1

‎06-19-2002 07:58 AM - edited ‎03-12-2019 07:17 PM

My customer is running Unity 2.4.6. They have recently installed a firewall and the logs are showing that the Unity server is trying to contact host 207.183.41.156 followed by 207.183.41.157 on udp port 1064 approx. every 20 minutes. Any ideas what this can be?

Labels:
0 Helpful
3 Replies 3

lindborg
Cisco Employee
Cisco Employee

‎06-19-2002 09:13 AM

Here's an email from an internal mailer along this subject line from a while back that may be useful.

=========================

The Skinny traffic uses TCP and binds to port 2000 on the CM side (for all Unity devices) and ports between 1024 and 5000 (one per Unity device) on the Unity side. I've seen it start at port 3000 (on the Unity) and build up one per device, but these are assigned by the OS. They're guaranteed to be between 1024 and 5000. You might try `netstat` to see if they're always ports 3000+ or if that's just my box.

The RTP traffic uses UDP and binds to ports starting at 22800 on the both the Unity side and the phone side. (RTP data is sent directly between endpoints, not through the CCM). There is a separate RTP connection for each audio direction (incoming and outgoing) for each active device. These are reallocated as needed, so you'll only have active UDP ports to correspond to the active Unity devices.

Thus, for each Unity device, one TCP socket is always active, and two UDP ports will be used on each side of the connection when needed. `netstat` and `netstat -a` should illustrate this on a test box.

Also note that each side of the connection has it's own port. Like when you

surf the web, you connect to the "well known" port 80 on the http server,

but your browser binds to a local port which is likely to be above 1024 (it

is assigned by the OS, since it doesn't need to be a "well known" port on

the client.)

Other possible ports:

UDP 16384-32767 for RTP streams unity<->voice terminating device

(phone/gateway)

TCP 143 for communication from unity<->exchange IMAP

TCP 389 for communication from unity<->exchange LDAP directory

TCP 137-139 for any SMB communication from unity<->exchange server

(copy files to/from remote share \\server\share )

0 Helpful

tracey.marshall
Level 1
Level 1

‎06-25-2002 04:58 AM

The unity server is not integrated with exchange. It should only be communicating with internal private addresses of phones, gateways and call managers (all 10.x.x.x). I was wondering if these external connections are the server attempting to check a web server for software fixes (eg. Microsoft?) or something similar. These connection attempts are being blocked by the firewall so are obviously not service affecting.

0 Helpful

eschulz
Cisco Employee
Cisco Employee
In response to tracey.marshall

‎06-25-2002 08:26 AM

207.183.41.156 and 207.183.41.157 are both name servers for dns4less.com. None of the software shipped with Unity should be pointing to this by default. Perhaps these addresses have been entered in the network configuration of you server?

0 Helpful
Customers Also Viewed These Support Documents