Cisco Cisco Expressway Maintenance Manual

Unified Communications port reference

This section summarizes the ports that need to be opened on the firewalls between your internal network
(where the Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the
DMZ and the public internet.

Outbound from Expressway-C (private) to Expressway-E (DMZ)

Purpose

Protocol

Expressway-C (source)

Expressway-E (listening)

XMPP (IM and Presence)

TCP

Ephemeral port

7400

SSH (HTTP/S tunnels)

TCP

Ephemeral port

2222

Traversal zone SIP signaling

TLS

25000 to 29999

7001

Traversal zone SIP media

UDP

36002 to 59999 *

36000 to 36001 *

Outbound from Expressway-E (DMZ) to public internet

Purpose

Protocol

Expressway-E (source)

Internet endpoint
(listening)

SIP media

UDP

36002 to 59999 *

>= 1024

SIP signaling

TLS

25000 to 29999

>= 1024

Inbound from public internet to Expressway-E (DMZ)

Purpose

Protocol

Internet endpoint
(source)

Expressway-E (listening)

XMPP (IM and Presence)

TCP

>= 1024

5222

HTTP proxy (UDS)

TCP

>= 1024

8443

Media

UDP

>= 1024

36002 to 59999 *

SIP signaling

TLS

>= 1024

5061

HTTPS (administrative access)

TCP

>= 1024

443

From Expressway-C to Unified CM / CUC

Purpose

Protocol

Expressway-C (source)

Unified CM (listening)

XMPP (IM and Presence)

TCP

Ephemeral port

7400 (IM and Presence)

HTTP proxy (UDS)

TCP

Ephemeral port

8443 (Unified CM)

HTTP (configuration file retrieval)

TCP

Ephemeral port

6970

CUC (voicemail)

TCP

Ephemeral port

443 (CUC)

Media

UDP

36002 to 59999 *

>= 1024

SIP signaling

TCP/TLS

25000 to 29999

5060/5061

* The default media port range is 36000 to 59999. The first 2 ports in the range are used for multiplexed traffic
only (with Large VM deployments the first 12 ports in the range – 36000 to 36011 – are used).

Note that:

Cisco Expressway Administrator Guide (X8.1)

Page 258 of 344

Reference material

Unified Communications port reference