Cisco Cisco Expressway
Mobile and remote access port reference
This section summarizes the ports that could potentially be used between your internal network (where the
Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the DMZ and the
public internet.
Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the DMZ and the
public internet.
Outbound from Expressway-C (private) to Expressway-E (DMZ)
Purpose
Protocol
Expressway-C (source)
Expressway-E (listening)
XMPP (IM and Presence)
TCP
Ephemeral port
7400
SSH (HTTP/S tunnels)
TCP
Ephemeral port
2222
Traversal zone SIP signaling
TLS
25000 to 29999
7001
Traversal zone SIP media
(for small/medium systems on X8.1 or
later)
later)
UDP
36000 to 59999*
36000 (RTP), 36001
(RTCP) (defaults)
(RTCP) (defaults)
Traversal zone SIP media
(for large systems)
UDP
36000 to 59999*
36000 to 36011 (6 pairs of
RTP and RTCP ports for
multiplexed media
traversal)
RTP and RTCP ports for
multiplexed media
traversal)
Outbound from Expressway-E (DMZ) to public internet
Purpose
Protocol
Expressway-E (source)
Internet endpoint
(listening)
(listening)
SIP media
UDP
36002 to 59999 or
36012 to 59999
>= 1024
SIP signaling
TLS
25000 to 29999
>= 1024
Inbound from public internet to Expressway-E (DMZ)
Purpose
Protocol
Internet endpoint
(source)
(source)
Expressway-E (listening)
XMPP (IM and Presence)
TCP
>= 1024
5222
HTTP proxy (UDS)
TCP
>= 1024
8443
Media
UDP
>= 1024
36002 to 59999 or
36012 to 59999*
SIP signaling
TLS
>= 1024
5061
HTTPS (only required for external
administrative access, which is
strongly discouraged)
administrative access, which is
strongly discouraged)
TCP
>= 1024
443
Unified Communications Mobile and Remote Access via Cisco Expressway Deployment Guide (X8.5.2)
Page 38 of 54
Mobile and remote access port reference