Cisco Cisco Expressway
Mobile and remote access port reference
This section summarizes the ports that need to be opened on the firewalls between your internal network
(where the Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the
DMZ and the public internet.
(where the Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the
DMZ and the public internet.
Outbound from Expressway-C (private) to Expressway-E (DMZ)
Purpose
Protocol
Expressway-C (source)
Expressway-E (listening)
XMPP (IM and Presence)
TCP
Ephemeral port
7400
SSH (HTTP/S tunnels)
TCP
Ephemeral port
2222
Traversal zone SIP signaling
TLS
25000 to 29999
7001
Traversal zone SIP media
(for small/medium systems on X8.1 or
later)
later)
UDP
36000 to 59999*
36000 (RTP), 36001
(RTCP) (defaults)
(RTCP) (defaults)
Traversal zone SIP media
(for large systems)
UDP
36000 to 59999*
36000 to 36011 (6 pairs of
RTP and RTCP ports for
multiplexed media
traversal)
RTP and RTCP ports for
multiplexed media
traversal)
Outbound from Expressway-E (DMZ) to public internet
Purpose
Protocol
Expressway-E (source)
Internet endpoint
(listening)
(listening)
SIP media
UDP
36002 to 59999 or
36012 to 59999
>= 1024
SIP signaling
TLS
25000 to 29999
>= 1024
Inbound from public internet to Expressway-E (DMZ)
Purpose
Protocol
Internet endpoint
(source)
(source)
Expressway-E (listening)
XMPP (IM and Presence)
TCP
>= 1024
5222
HTTP proxy (UDS)
TCP
>= 1024
8443
Media
UDP
>= 1024
36002 to 59999 or
36012 to 59999*
SIP signaling
TLS
>= 1024
5061
HTTPS (administrative access)
TCP
>= 1024
443
From Expressway-C to Unified CM / CUC
Purpose
Protocol
Expressway-C (source)
Unified CM (listening)
XMPP (IM and Presence)
TCP
Ephemeral port
7400 (IM and Presence)
Unified Communications Mobile and Remote Access via Cisco Expressway Deployment Guide (X8.5)
Page 36 of 50
Mobile and remote access port reference