Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access lists for Call Manager

I am being asked by my security folks if you can apply an access list to Call Manager (not Call Manger expres or businness edition). My research said not. What I am trying to accomplish is a way to secure access to the web pages for CCM Manager and the like so that is not exposed to non-authorized personnel.

2 ACCEPTED SOLUTIONS

Accepted Solutions
VIP Super Bronze

Access lists for Call Manager

Sure you can. You need to be careful though; CUCM uses a lot of various ports. The easiest way is to only restrict HTTP/HTTPS (TCP 80,443,8080,8443) to appropriate source subnets. Take a look at the

Cisco Unified Communications Manager 8.6(1) TCP and UDP Port Usage for details on what is used for client-to-server and server-to-server communications.

Please rate helpful replies.

VIP Super Bronze

Access lists for Call Manager

No. While CUCM runs ip tables you have no access to the configuration of it. You would need to write the ACL on an intermediate layer three device.

4 REPLIES
VIP Super Bronze

Access lists for Call Manager

Sure you can. You need to be careful though; CUCM uses a lot of various ports. The easiest way is to only restrict HTTP/HTTPS (TCP 80,443,8080,8443) to appropriate source subnets. Take a look at the

Cisco Unified Communications Manager 8.6(1) TCP and UDP Port Usage for details on what is used for client-to-server and server-to-server communications.

Please rate helpful replies.

New Member

Access lists for Call Manager

Let me rephrase. What I meant to say is can you apply ACL in the CLI of Call Manager, not via an external firewall.

VIP Super Bronze

Access lists for Call Manager

No. While CUCM runs ip tables you have no access to the configuration of it. You would need to write the ACL on an intermediate layer three device.

New Member

Access lists for Call Manager

O.K. I thought that was the case. Just wanted to double check my facts. By the way, love the picture of you next the gaint 79XX phone. What a riot!

1249
Views
0
Helpful
4
Replies
CreatePlease to create content