Cisco Cisco Expressway 维护手册
Purpose
Protocol
Expressway-C (source)
Internal Device Port/Range
Media
UDP
36000 to 59999*
>= 1024 (Media recipient
eg. endpoint)
eg. endpoint)
SIP signaling
TCP
25000 to 29999
5060 (Unified CM)
Secure SIP signaling
TLS
25000 to 29999
5061 (Unified CM)
* The default media traversal port range is 36000 to 59999, and is set on the Expressway-C at Configuration
> Traversal Subzone. In Large Expressway systems the first 12 ports in the range – 36000 to 36011 by default – are
always reserved for multiplexed traffic. The Expressway-E listens on these ports. You cannot configure a distinct
range of demultiplex listening ports on Large systems: they always use the first 6 pairs in the media port range. On
Small/Medium systems you can explicitly specify which 2 ports listen for multiplexed RTP/RTCP traffic, on the
Expressway-E (Configuration > Traversal > Ports). If you choose not to configure a particular pair of ports (Use
configured demultiplexing ports = No), then the Expressway-E will listen on the first pair of ports in the media
traversal port range (36000 and 36001 by default).
> Traversal Subzone. In Large Expressway systems the first 12 ports in the range – 36000 to 36011 by default – are
always reserved for multiplexed traffic. The Expressway-E listens on these ports. You cannot configure a distinct
range of demultiplex listening ports on Large systems: they always use the first 6 pairs in the media port range. On
Small/Medium systems you can explicitly specify which 2 ports listen for multiplexed RTP/RTCP traffic, on the
Expressway-E (Configuration > Traversal > Ports). If you choose not to configure a particular pair of ports (Use
configured demultiplexing ports = No), then the Expressway-E will listen on the first pair of ports in the media
traversal port range (36000 and 36001 by default).
Note that:
■
Ports 8191/8192 TCP and 8883/8884 TCP are used internally within the Expressway-C and the Expressway-E
applications. Therefore these ports must not be allocated for any other purpose. The Expressway-E listens
externally on port 8883; therefore we recommend that you create custom firewall rules on the external LAN
interface to drop TCP traffic on that port.
applications. Therefore these ports must not be allocated for any other purpose. The Expressway-E listens
externally on port 8883; therefore we recommend that you create custom firewall rules on the external LAN
interface to drop TCP traffic on that port.
■
The Expressway-E listens on port 2222 for SSH tunnel traffic. The only legitimate sender of such traffic is the
Expressway-C (cluster). Therefore we recommend that you create the following firewall rules for the SSH
tunnels service:
Expressway-C (cluster). Therefore we recommend that you create the following firewall rules for the SSH
tunnels service:
—
one or more rules to allow all of the Expressway-C peer addresses (via the internal LAN interface, if
appropriate)
appropriate)
—
followed by a lower priority (higher number) rule that drops all traffic for the SSH tunnels service (on the
internal LAN interface if appropriate, and if so, another rule to drop all traffic on the external interface)
internal LAN interface if appropriate, and if so, another rule to drop all traffic on the external interface)
Microsoft Interoperability Port Reference
The port numbers listed below are the default port values. The values used in a real deployment may vary if they have
been modified, for example, by changes of registry settings or through group policy, on Microsoft infrastructure or
clients, or configuration on Expressway (Applications > B2BUA).
been modified, for example, by changes of registry settings or through group policy, on Microsoft infrastructure or
clients, or configuration on Expressway (Applications > B2BUA).
Purpose
Protocol
Expressway port
Microsoft port
Signaling to Microsoft server
TLS
65072
5061 (Server SIP listening port)
Signaling from Microsoft server
TLS
65072
Ephemeral port
Table 20 Between B2BUA and Microsoft Environment
342
Cisco Expressway Administrator Guide
Reference Material