Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Video conferencing through Firewall


We have PIX 515 with Version 6.3(3). We are planning to setup Video conferencing to have a conference with our international customers . We are planning to put the Video conference system behind the firewall for security reasons .I would appreciate if anyone have similar setup and share the Tech aspects like what are the ports to be opened in firewall, fine tuning if any on firewall etc...

Thanks in advance



Re: Video conferencing through Firewall

I'll make the assumption you're using H.323?

The fixup support for H.323 is pretty good now and even works with PAT. If you can avoid, don't use PAT for your server. Use NAT with a static statement and you'll have fewer problems.

You should be able to make it work with only opening TCP port 1720. However, this varies from one vendor to another as H.323 is a complicated and varied protocol suite. You may also need to open TCP/389 if you have a Netmeeting/MS based session.

New Member

Re: Video conferencing through Firewall

Thanks Shannong . We are planning to go for Polycom VC unit and the model is iPower 9000 series.

Thanks with regards,


New Member

Re: Video conferencing through Firewall


You can reference as follow:

Port Range Requirements for TCP and UDP on an iPower


1700 - 1749

UDP Audio

17000 - 17099

UDP Video

17100 - 17299

UDP Port Control

17300 - 17309

Tip: If a call needs to go through a firewall, be sure to open the configured ports at the firewall as well. In addition to these ports, you must open TCP and UDP ports 1503 for T.120 support and TCP port 1720 for H.225.0 Call Signaling.

And also, you can find more details on polycom web site.

New Member

Re: Video conferencing through Firewall

We're having the same issue here with a Polycom setup. And we are able to VTC using site-to-site VPN. The only problem is that the audio and video quality is not good. We have on both ends the DSL equivalent of T1. That's something to do with encryption. Anybody has an idea to give better results?

Vincent Rochette.