TCP and UDP Port Usage Guide for Cisco Unified Communications Manager, Release 10.0(1)


First Published: December 03, 2013

Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706 USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883

Text Part Number: OL-28669-02

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) 2013 Cisco Systems, Inc. All rights reserved.

CONTENTS

Preface
- Purpose
- Organization
- Related documentation
- Obtain documentation and support
- Cisco product security overview

PART I: Cisco TCP and UDP port usage

CHAPTER 1: Cisco TCP and UDP port usage
- Port usage
- Port descriptions
- References
  - Firewall application inspection guides
  - IETF TCP/UDP port assignment list
  - IP telephony configuration and port utilization guides
  - VMware port assignment list

PART II: Service TCP and UDP port usage

CHAPTER 2: Port Usage Information for the Service
- Port usage overview
- Information collated in table
- service port list
- Glossary

Preface

Purpose

This document lists the TCP and UDP ports that Cisco and the Service use for intracluster connections and communication with external applications or devices. It also provides important information about the configuration of firewalls, Access Control Lists (ACLs), and quality of service (QoS) on a network when an IP Communications solution is implemented.

Organization

The following table shows the organization for this guide:

Table 1: Organization of TCP and UDP Port Usage Guide for Cisco

Part 1 (Cisco TCP and UDP port usage): Provides information about TCP and UDP port usage settings for Cisco.
Part 2 (Service TCP and UDP port usage): Provides information about TCP and UDP port usage settings for the Service.

Related documentation

Cisco strongly recommends that you review the following documents for more details about installing and maintaining Cisco and the Service. For the latest Cisco and Service requirements, see the Release Notes for Cisco.

- Installing Cisco: This document describes procedures to follow when installing Cisco and the Service.
- Upgrade Guide for Cisco: This document describes procedures to follow when upgrading Cisco and the Service.
- Cisco Operating System Administration Guide: This document provides information about using the Cisco Platform graphical user interface (GUI) to perform many common system- and network-related tasks.
- Deployment Guide for Service on Cisco: This document provides an overview of the configuration process for the Service.
- Cisco Unified Serviceability Administration Guide: This document provides descriptions and procedures for configuring alarms, traces, SNMP, and so on, through Cisco Unified Serviceability. It also describes how to activate, start, and stop feature and network services.
- Disaster Recovery System Administration Guide for Cisco: This document provides an overview of the Disaster Recovery System and provides procedures for performing various backup-related tasks and restore-related tasks.

All related documentation can be found at the following URL: http://www.cisco.com/en/us/products/sw/voicesw/ps556/tsd_products_support_series_home.html

Obtain documentation and support

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at http://www.cisco.com/en/us/docs/general/whatsnew/whatsnew.html

Cisco product security overview

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. Further information regarding U.S. export regulations may be found at http://www.access.gpo.gov/bis/ear/ear_data.html

PART I: Cisco TCP and UDP port usage

CHAPTER 1: Cisco TCP and UDP port usage

This chapter provides a list of the TCP and UDP ports that Cisco uses for intracluster connections and for communication with external applications or devices. You will also find important information for the configuration of firewalls, Access Control Lists (ACLs), and quality of service (QoS) on a network when an IP Communications solution is implemented.

Port usage

Cisco TCP and UDP ports are organized into the following categories:

- Intracluster Ports Between Cisco Servers
- Common Service Ports
- Ports Between Cisco and LDAP Directory
- Web Requests CCMAdmin or CCMUser to Cisco
- Web Requests Cisco to Phone
- Signaling, Media, and Other Communication Between Phones and Cisco
- Signaling, Media, and Other Communication Between s and Cisco
- Communication Between Applications and Cisco
- Communication Between CTL Client and Firewalls
- Special Ports on HP Servers

See Port descriptions for port details in each of the above categories.

Note: Cisco has not verified all possible configuration scenarios for these ports. If you are having configuration problems using this list, contact Cisco technical support for assistance.

Port references apply specifically to Cisco. Some ports change from one release to another, and future releases may introduce new ports. Therefore, make sure that you are using the correct version of this document for the version of Cisco that is installed.

While virtually all protocols are bidirectional, directionality from the session originator perspective is presumed. In some cases, the administrator can manually change the default port numbers, though Cisco does not recommend this as a best practice. Be aware that Cisco opens several ports strictly for internal use.

Installing Cisco software automatically installs the following network services for serviceability and activates them by default. Refer to Table 2: Intracluster Ports Between Cisco Servers for details:

- Cisco Log Partition Monitoring (To monitor and purge the common partition. This uses no custom common port.)
- Cisco Trace Collection Service (TCTS port usage)
- Cisco RIS Data Collector (RIS server port usage)
- Cisco AMC Service (AMC port usage)

Configuration of firewalls, ACLs, or QoS will vary depending on topology, placement of telephony devices and services relative to the placement of network security devices, and which applications and telephony extensions are in use. Also, bear in mind that ACLs vary in format with different devices and versions.

Note: You can also configure Multicast Music on Hold (MOH) ports in Cisco. Port values for multicast MOH are not provided because the administrator specifies the actual port values.

Note: The port range for the system is 32768-61000.
Port descriptions

Table 2: Intracluster Ports Between Cisco Servers

() Port Purpose

RTMT 1090, 1099 / Cisco AMC Service for RTMT performance monitors, data collection, logging, and alerting

(DB) (DB) 1500, 1501 / Database connection (1501 / is the secondary connection) (DB) (DB) 1510 / CAR IDS DB. CAR IDS engine listens on waiting for connection requests from the clients. (DB) (DB) 1511 / CAR IDS DB. An alternate port used to bring up a second instance of CAR IDS during upgrade. (DB) (DB) 1515 / Database replication between nodes during installation Cisco Extended Functions (QRT) (DB) 2552 / Allows subscribers to receive Cisco Unified Communications database change notification 2551 / Intracluster communication between Cisco Extended Services for Active/Backup determination (RIS) (RIS) 2555 / Real-time Information Services (RIS) database server (RTMT/AMC/SOAP) (RIS) 2556 / Real-time Information Services (RIS) database client for Cisco RIS (DRS) (DRS) 4040 / DRS Master Agent (Tomcat) (SOAP) 5001/ This port is used by SOAP monitor for Real Time Monitoring Service.

(Tomcat) (SOAP) 5002/ This port is used by SOAP monitor for Performance Monitor Service. (Tomcat) (SOAP) 5003/ This port is used by SOAP monitor for Control Center Service. (Tomcat) (SOAP) 5004/ This port is used by SOAP monitor for Log Collection Service. (Tomcat) (SOAP) 5007 / SOAP monitor (RTMT) (TCTS) / Cisco Trace Collection Tool Service (TCTS) -- the back end service for RTMT Trace and Log Central (TLC) (Tomcat) (TCTS) 7000, 7001, 7002 / This port is used for communication between Cisco Trace Collection Tool Service and Cisco Trace Collection servlet. (DB) (CDLM) 8001 / Client database change notification (SDL) (SDL) 8002 / Intracluster communication service (SDL) (SDL) 8003 / Intracluster communication service (to CTI) CMI 8004 / Intracluster communication between Cisco Unified Communications and CMI (Tomcat) (Tomcat) 8005 / Internal listening port used by Tomcat shutdown scripts

(Tomcat) (Tomcat) 8080 / Communication between servers used for diagnostic tests (IPSec) (IPSec) 8500 / and UDP Intracluster replication of system data by IPSec Cluster (RIS) (RIS) 8888-8889 / RIS Service status request and reply Location Bandwidth (LBM) Location Bandwidth (LBM) 9004 / Intracluster communication between LBMs

Table 3: Common Service Ports

() Port Purpose

Endpoint Endpoint 7 Internet Control Message (ICMP) This protocol number carries echo-related traffic. It does not constitute a port as indicated in the column heading. Endpoint (DHCP Server) 67 / UDP Cisco Unified Communications acting as a DHCP server Note Cisco does not recommend running DHCP server on Cisco Unified Communications.

DHCP Server 68 / UDP Cisco Unified Communications acting as a DHCP client Note Cisco does not recommend running DHCP client on Cisco Unified Communications. Configure Cisco Unified Communications with static IP addresses instead. Endpoint or 69, 6969, then / UDP Trivial File Transfer (TFTP) service to phones and gateways Endpoint or 6970 / Trivial File Transfer (TFTP) between master and proxy servers. HTTP service from the TFTP server to phones and gateways. NTP Server 123 / UDP Network Time (NTP) SNMP Server 161 / UDP SNMP service response (requests from management applications) CUCM Server SNMP Master Agent application SNMP trap destination 162 / UDP SNMP traps SNMP Server 199 / Native SNMP agent listening port for SMUX support DHCP Server 546 / UDP DHCPv6. DHCP port for IPv6.

Serviceability Location Bandwidth (LBM) 5546 / Enhanced Location CAC Serviceability Location Bandwidth (LBM) 5547 / Call Admission requests and bandwidth deductions 6161 / UDP Used for communication between Master Agent and Native Agent to process Native agent MIB requests 6162 / UDP Used for communication between Master Agent and Native Agent to forward notifications generated from Native Agent Centralized TFTP Alternate TFTP 6970 / Centralized TFTP File Locator Service 7161 / Used for communication between SNMP Master Agent and subagents SNMP Server 7999 / Cisco Discovery (CDP) agent communicates with CDP executable Endpoint 8443 / Used for Cisco User Data Services (UDS) requests 9050 / Service CRS requests through the TAPS residing on Cisco Unified Communications

61441 / UDP Cisco Unified Communications applications send out alarms to this port through UDP. Cisco MIB agent listens on this port and generates SNMP traps per Cisco Unified Communications MIB definition. 5060, 5061 / Provide trunk-based SIP services 7501 Used by Intracluster Lookup Service (ILS) for certificate based authentication. 7502 Used by ILS for password based authentication.

Table 4: Ports Between Cisco and LDAP Directory

() Port Purpose

External Directory External Directory 389, 636, 3628, 3629 / Lightweight Directory Access (LDAP) query to external directory (Active Directory, Netscape Directory)

Table 5: Web Requests CCMAdmin or CCMUser to Cisco

() Port Purpose

Browser 80, 8080 / Hypertext (HTTP) Browser 443, 8443 / Hypertext over SSL (HTTPS)

Table 6: Web Requests Cisco to Phone

() Port Purpose

Phone 80 / Hypertext (HTTP) QRT RTMT Find and List Phones page Phone Configuration page

Table 7: Signaling, Media, and Other Communication Between Phones and Cisco

() Port Purpose

Phone (TFTP) 69, then / UDP Trivial File Transfer (TFTP) used to download firmware and configuration files Phone 8080 / Phone URLs for XML applications, authentication, directories, services, etc. You can configure these ports on a per-service basis. Phone 2000 / Skinny Client Control (SCCP) Phone 2443 / Secure Skinny Client Control (SCCPS) Phone 2445 / Provide trust verification service to endpoints. Phone (CAPF) 3804 / Certificate Authority Proxy Function (CAPF) listening port for issuing Locally Significant Certificates (LSCs) to IP phones

Phone 5060 / and UDP Session Initiation (SIP) phone Phone Phone 5061 Secure Session Initiation (SIPS) phone Phone Phone (TFTP) 6970 HTTP-based download of firmware and configuration files IP VMS Phone Phone IP VMS 16384-32767 / UDP Real-Time (RTP), Secure Real-Time (SRTP) Note Cisco Unified Communications only uses 24576-32767 although other devices use the full range.

Table 8: Signaling, Media, and Other Communication Between s and Cisco

() Port Purpose

47, 50, 51 Generic Routing Encapsulation (GRE), Encapsulating Security Payload (ESP), Authentication Header (AH). These protocols numbers carry encrypted IPSec traffic. They do not constitute a port as indicated in the column heading.

500 / UDP Internet Key Exchange (IKE) for IP Security protocol (IPSec) establishment (TFTP) 69, then / UDP Trivial File Transfer (TFTP) with Cisco Intercompany Media Engine (CIME) trunk CIME ASA 1024-65535 / Port mapping service. Only used in the CIME off-path deployment model. Gatekeeper 1719 / UDP Gatekeeper (H.225) RAS 1720 / H.225 signaling services for H.323 gateways and Intercluster Trunk (ICT) / H.225 signaling services on gatekeeper-controlled trunk / H.245 signaling services for establishing voice, video, and data 2000 / Skinny Client Control (SCCP) 2001 / Upgrade port for 6608 gateways with Cisco deployments 2002 / Upgrade port for 6624 gateways with Cisco deployments

2427 / UDP Media Control (MGCP) gateway control 2428 / Media Control (MGCP) backhaul -- -- 4000-4005 / These ports are used as phantom Real-Time (RTP) and Real-Time Control (R) ports for audio, video and data channel when Cisco does not have ports for these media. 5060 / and UDP Session Initiation (SIP) gateway and Intercluster Trunk (ICT) 5061 / Secure Session Initiation (SIPS) gateway and Intercluster Trunk (ICT) 16384-32767 / UDP Real-Time (RTP), Secure Real-Time (SRTP) Note Cisco Unified Communications only uses 24576-32767 although other devices use the full range.

Table 9: Communication Between Applications and Cisco

() Port Purpose

CTL Client CTL Provider 2444 / Certificate Trust List (CTL) provider listening service in Cisco Unified Communications Cisco Unified Communications App 2748 / CTI application server Cisco Unified Communications App 2749 / TLS connection between CTI applications (JTAPI/TSP) and CTI Cisco Unified Communications App 2789 / JTAPI application server Assistant Console 2912 / Cisco Unified Communications Assistant server (formerly IPMA) Attendant Console 1103-1129 / Cisco Unified Communications Attendant Console (AC) JAVA RMI Registry server Attendant Console 1101 / RMI server sends RMI callback messages to clients on these ports. Attendant Console 1102 / Attendant Console (AC) RMI server bind port -- RMI server sends RMI messages on these ports. Attendant Console 3223 / UDP Cisco Unified Communications Attendant Console (AC) server line state port receives ping and registration message from, and sends line states to, the attendant console server.

Attendant Console 3224 / UDP Cisco Unified Communications Attendant Console (AC) clients register with the AC server for line and device state information. Attendant Console 4321 / UDP Cisco Unified Communications Attendant Console (AC) clients register to the AC server for call control. with SAF/CCD IOS Router running SAF image 5050 / Multi-Service IOS Router running EIGRP/SAF. Cisco Intercompany Media Engine (IME) Server 5620 / Cisco recommends a value of 5620 for this port, but you can change the value by executing the add ime vapserver or set ime vapserver port CLI command on the Cisco IME server. VAP protocol used to communicate to the Cisco Intercompany Media Engine server. Cisco Unified Communications App 8443 / AXL / SOAP API for programmatic reads from or writes to the Cisco database that third parties such as billing or telephony management applications use.

Table 10: Communication Between CTL Client and Firewalls

() Port Purpose

CTL Client TLS Proxy Server 2444 / Certificate Trust List (CTL) provider listening service in an ASA firewall

Table 11: Special Ports on HP Servers

() Port Purpose

Endpoint HP SIM 2301 / HTTP port to HP agent Endpoint HP SIM 2381 / HTTPS port to HP agent Endpoint Compaq Management Agent 25375, 25376, 25393 / UDP COMPAQ Management Agent extension (cmax) Endpoint HP SIM 50000-50004 / HTTPS port to HP SIM

References

Firewall application inspection guides

ASA Series reference information
http://www.cisco.com/en/us/products/ps6120/tsd_products_support_series_home.html

PIX 6.3 Application Inspection Configuration Guide
http://www.cisco.com/en/us/docs/security/pix/pix63/configuration/guide/fixup.html

PIX 7.1 Application Inspection Configuration Guide
http://www.cisco.com/en/us/docs/security/asa/asa71/configuration/guide/inspect.html

FWSM 3.1 Application Inspection Configuration Guide
http://www.cisco.com/en/us/docs/security/fwsm/fwsm31/configuration/guide/inspct_f.html

IETF TCP/UDP port assignment list

Internet Assigned Numbers Authority (IANA) IETF assigned Port List
http://www.iana.org/assignments/port-numbers

IP telephony configuration and port utilization guides

Cisco CRS 4.0 (IP IVR and IPCC Express) Port Utilization Guide
http://www.cisco.com/en/us/products/sw/custcosw/ps1846/products_installation_and_configuration_guides_list.html

Port Utilization Guide for Cisco ICM/IPCC Enterprise and Hosted Editions
http://www.cisco.com/en/us/products/sw/custcosw/ps1001/products_installation_and_configuration_guides_list.html

Cisco Express Security Guide to Best Practices
http://www.cisco.com/en/us/netsol/ns340/ns394/ns165/ns391/networking_solutions_design_guidance09186a00801f8e30.html

Cisco Unity Express Security Guide to Best Practices
http://www.cisco.com/en/us/netsol/ns340/ns394/ns165/ns391/networking_solutions_design_guidance09186a00801f8e31.html#wp41149

VMware port assignment list

TCP and UDP Ports for vCenter Server, ESX hosts, and Other Network Components Management Access

PART II: Service TCP and UDP port usage

CHAPTER 2: Port Usage Information for the Service

Port usage overview

This document provides a list of the TCP and UDP ports that the Service uses for intracluster connections and for communications with external applications or devices. It provides important information for the configuration of firewalls, Access Control Lists (ACLs), and quality of service (QoS) on a network when an IP Communications solution is implemented.

Note: Cisco has not verified all possible configuration scenarios for these ports. If you are having configuration problems using this list, contact Cisco technical support for assistance.

While virtually all protocols are bidirectional, this document gives directionality from the session originator perspective. In some cases, the administrator can manually change the default port numbers, though Cisco does not recommend this as a best practice. Be aware that the Service opens several ports strictly for internal use.

Ports in this document apply specifically to the Service. Some ports change from one release to another, and future releases may introduce new ports. Therefore, make sure that you are using the correct version of this document for the version of Service that is installed.

Configuration of firewalls, ACLs, or QoS will vary depending on topology, placement of devices and services relative to the placement of network security devices, and which applications and telephony extensions are in use. Also, bear in mind that ACLs vary in format with different devices and versions.

Information collated in table

Table 1 defines the information collated in each of the tables in this document.

Table 12: Definition of Table Information

Table Heading To Role Description

The client sending requests to this port
The client receiving requests on this port
A client or server application or process
Either a Session-layer protocol used for establishing and ending communications, or an Application-layer protocol used for request and response transactions
A -layer protocol that is connection-oriented () or connectionless (UDP)
The port used for receiving requests
The port used for sending requests

service port list

The following tables show the ports that the Service uses for intracluster and intercluster traffic.

Table 13: Service Release 9.x Ports - SIP Proxy Requests

SIP SIP SIP /UDP 5060 Default SIP Proxy UDP and Listener SIP SIP TLS 5061 TLS Server Authentication listener port SIP TLS 5062 TLS Mutual Authentication listener port SIP UDP / 5049 Internal port. Localhost traffic only.

HTTP 8081 Used for HTTP requests from the Config Agent to indicate a change in configuration. Third-party Client HTTP 8082 Default HTTP Listener. Used for Third-Party Clients to connect Third-party Client HTTPS TLS / 8083 Default HTTPS Listener. Used for Third-Party Clients to connect

Table 14: Service Release 9.x Ports - Engine Requests

( Engine) SIP UDP / 5080 Default SIP UDP/ Listener port ( Engine) ( Engine) Livebus UDP 50000 Internal port. Localhost traffic only. LiveBus messaging port. The IM and Presence Service uses this port for cluster communication.

Table 15: Service Release 9.x Ports - Cisco Tomcat WebRequests

Browser HTTPS 8080 Used for web access Browser AXL / HTTPS TLS / 8443 Provides database and serviceability access via SOAP

Browser HTTPS TLS / 8443 Provides access to Web administration Browser HTTPS TLS / 8443 Provides access to User option pages Browser SOAP TLS / 8443 Provides access to Cisco Unified Personal Communicator, Cisco Unified Mobility Advantage, and third-party API clients via SOAP

Table 16: Service Release 9.x Ports - External Corporate Directory Requests

External Corporate Directory External Corporate Directory LDAP 389 Allows the Directory protocol to integrate with the external Corporate Directory. The LDAP port depends on the Corporate Directory (389 is the default). In case of Netscape Directory, customer can configure different port to accept LDAP traffic. External Corporate Directory LDAPS 636 Allows the Directory protocol to integrate with the external Corporate Directory. LDAP port depends on the Corporate Directory (636 is the default).

Table 17: Service Release 9.x Ports - Configuration Requests
(Config Agent) (Config Agent) 8600 Config Agent heartbeat port

Table 18: Service Release 9.x Ports - Certificate Requests
Certificate 7070 Internal port - Localhost traffic only

Table 19: Service Release 9.x Ports - IDS Database Requests
(Database) (Database) 1500 Internal IDS port for Database clients. Localhost traffic only.
(Database) (Database) 1501 Internal port - this is an alternate port to bring up a second instance of IDS during upgrade. Localhost traffic only.
(Database) (Database) XML 1515 Internal port. Localhost traffic only. DB replication port

Table 20: Service Release 9.x Ports - IPSec Requests
(IPSec) (IPSec) Proprietary UDP/TCP 8500 8500 Internal port - cluster manager port used by the ipsec_mgr daemon for cluster replication of platform data (hosts) certs

Table 21: Service Release 9.x Ports - DRF Master Agent Server Requests
(DRF) (DRF) 4040 DRF Master Agent server port, which accepts connections from Local Agent, GUI, and CLI

Table 22: Service Release 9.x Ports - RISDC Requests
(RIS) (RIS) 2555 Real-time Information Services (RIS) database server. Connects to other RISDC services in the cluster to provide clusterwide real-time information
(RTMT/AMC/SOAP) (RIS) 2556 Real-time Information Services (RIS) database client for Cisco RIS. Allows RIS client connection to retrieve real-time information

(RIS) (RIS) 8889 8888 Internal port. Localhost traffic only. Used by RISDC (System Access) to link to servm via TCP for service status request and reply

Table 23: Service Release 9.x Ports - SNMP Requests
SNMP Server SNMP UDP 161, 8161 Provides services for SNMP-based management applications
SNMP UDP 6162 Native SNMP agent that listens for requests forwarded by SNMP master agents
SNMP UDP 6161 SNMP Master agent that listens for traps from the native SNMP agent, and forwards to management applications
SNMP Server 7999 Used as a socket for the cdp agent to communicate with the cdp binary
7161 Used for communication between the SNMP master agent and subagents
SNMP Trap Monitor SNMP UDP 162 Sends SNMP traps to management applications
SNMP UDP Configurable 61441 Internal SNMP trap receiver

Table 24: Service Release 9.x Ports - Racoon Server Requests
Ipsec UDP 500 Enables Internet Security Association and the Key Management

Table 25: Service Release 9.x Ports - System Service Requests
(RIS) (RIS) XML 8888 and 8889 Internal port. Localhost traffic only. Used to listen to clients communicating with the RIS Service (servm).

Table 26: Service Release 9.x Ports - DNS Requests
DNS Server DNS UDP 53 The port that the DNS server listens on for DNS queries. To: DNS Server :

Table 27: Service Release 9.x Ports - SSH/SFTP Requests
Endpoint SSH / SFTP 22 Used by many applications to get command line access to the server. Also used between nodes for certificate and other file exchanges (sftp)

Table 28: Service Release 9.x Ports - ICMP Requests
Cisco Unified Communications Manager Cisco Unified Communications Manager ICMP IP Not Applicable Internet Control Message Protocol (ICMP). Used to communicate with the Cisco Unified Communications Manager server

Table 29: Service Release 9.x Ports - NTP Requests
NTP Server NTP UDP 123 Cisco Unified Communications Manager is the acting NTP server. Used by subscriber nodes to synchronize time with the publisher node.

Table 30: Service Release 9.x Ports - Microsoft Exchange Notify Requests
Microsoft Exchange HTTP (HTTPu) 1) WebDAV - HTTP/UDP/IP notifications 2) EWS - HTTP/TCP/IP SOAP notifications server port (default 50020) Microsoft Exchange uses this port to send notifications (using NOTIFY message) to indicate a change to a particular subscription identifier for calendar events. Used to integrate with any Exchange server in the network configuration. Both ports are created. The kind of messages that are sent depends on the type of Calendar Backend gateway(s) that are configured.

Table 31: Service Release 9.x Ports - SOAP Services Requests
(Tomcat) (SOAP) 5007 SOAP monitor port

Table 32: Service Release 9.x Ports - AMC RMI Requests
RTMT 1090 AMC RMI Object port. Cisco AMC Service for RTMT performance monitors, data collection, logging, and alerting.
RTMT 1099 AMC RMI Registry port. Cisco AMC Service for RTMT performance monitors, data collection, logging, and alerting.

Table 33: Service Release 9.x Ports - XCP Requests
XMPP Client 5222 Client access port
5269 Server to Server connection (S2S) port
Third-party BOSH client 7335 HTTP listening port used by the XCP Web Connection for BOSH third-party API connections
(XCP Services) (XCP Router) 7400 XCP Router Master Accept Port. XCP services that connect to the router from an Open Port Configuration (for example XCP Authentication Component Service) typically connect on this port.
(XCP Router) (XCP Router) UDP UDP 5353 MDNS port. XCP routers in a cluster use this port to discover each other.

Table 34: Service Release 9.x Ports - External Database (PostgreSQL) Requests
PostgreSQL database 5432 [1] PostgreSQL database listening port
[1] This is the default port; however, you can configure the PostgreSQL database to listen on any port.

Table 35: Service Release 9.x Ports - High Availability Requests
(Server Recovery ) (Server Recovery ) 20075 The port that Cisco Server Recovery uses to provide admin rpc requests.
(Server Recovery ) (Server Recovery ) UDP UDP 22001 The port that Cisco Server Recovery uses to communicate with its peer.

Table 36: Service Release 9.x Ports - In Memory Database Replication Messages
Proprietary 9003 Cisco Datastore dual node presence redundancy group replication.
Proprietary 9004 Cisco Login Datastore dual node presence redundancy group replication.
Proprietary 9005 Cisco SIP Registration Datastore dual node presence redundancy group replication.

Table 37: Service Release 9.x Ports - In Memory Database SQL Messages
Proprietary 6603 Cisco Datastore SQL Queries.
Proprietary 6604 Cisco Login Datastore SQL Queries.

Proprietary 6605 Cisco SIP Registration Datastore SQL Queries.
Proprietary 6606 Cisco Route Datastore SQL Queries.

Table 38: Service Release 9.x Ports - In Memory Database Notification Messages
Proprietary 6607 Cisco Datastore XML-based change notification.
Proprietary 6608 Cisco Login Datastore XML-based change notification.
Proprietary 6609 Cisco SIP Registration Datastore XML-based change notification.
Proprietary 6610 Cisco Route Datastore XML-based change notification.

See the Cisco Unified Serviceability Administration Guide for information about SNMP.
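Several of the tables mark ports as "Localhost traffic only", and the glossary notes that source ports are ephemeral, so a check on flow data should key on the destination port. The following Python sketch is an added example, not part of the Cisco guide: it flags flow records that reach one of those ports when either endpoint is not a loopback address. The record format, the function names and the sample flows are assumptions constructed for illustration, and each record is assumed to describe the initiating direction of a connection.

```python
import ipaddress

# Ports the guide's tables mark "Localhost traffic only" (numbers from the page).
# Matching is on port number alone: the transport column is incomplete in this copy.
LOCALHOST_ONLY = {
    5049: "SIP Proxy internal port",
    50000: "LiveBus messaging port",
    7070: "Certificate requests internal port",
    1500: "IDS port for database clients",
    1501: "alternate IDS port used during upgrade",
    1515: "DB replication port",
    8888: "RIS service (servm) port",
    8889: "RIS service (servm) port",
}

# Constructed sample flow records (assumed format): "src dst transport dst_port".
SAMPLE_FLOWS = """\
127.0.0.1 127.0.0.1 tcp 1500
10.10.20.31 10.10.20.5 tcp 8443
10.10.20.31 10.10.20.5 tcp 1515
::1 ::1 tcp 8888
192.0.2.77 10.10.20.5 udp 5049
truncated-record
"""

def parse_flow(line):
    """Return (src, dst, transport, dst_port), or None for a malformed record."""
    try:
        src, dst, transport, port = line.split()  # wrong field count raises ValueError
        return ipaddress.ip_address(src), ipaddress.ip_address(dst), transport.lower(), int(port)
    except ValueError:
        return None

def find_exposed_internal_ports(flow_text):
    """Flag flows to a localhost-only port where either end is not loopback."""
    findings, skipped = [], 0
    for line in filter(str.strip, flow_text.splitlines()):
        flow = parse_flow(line)
        if flow is None:
            skipped += 1  # count bad records instead of dropping them silently
            continue
        src, dst, transport, port = flow
        if port in LOCALHOST_ONLY and not (src.is_loopback and dst.is_loopback):
            findings.append((str(src), str(dst), transport, port, LOCALHOST_ONLY[port]))
    return findings, skipped

if __name__ == "__main__":
    for hit in find_exposed_internal_ports(SAMPLE_FLOWS)[0]:
        print("localhost-only port reached from a non-loopback address:", hit)
```

A hit means either that a firewall or ACL lets the port through or that the service is bound to a routable interface; both are worth checking against the table entry for that port.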


Glossary

AXL / SOAP
Cisco XML Layer / Simple Object Access Protocol
API that applications use to read from or write to the Cisco database.

CAPF
Certificate Authority Proxy Function
Used to load X.509 digital certificates into IP phones.

CDLM
Cisco Database Layer Monitor
Used to synchronize the database with what is running in active memory.

CTI
Computer Telephony Integration
Provides a link between telephone systems and computers to facilitate incoming and outgoing call handling and control; the physical link between a telephone and server.

CTL Client
Certificate Trust List Client
Application that creates the Certificate Trust List that gets loaded into IP phones. This plug-in comes with Cisco Unified Communications Manager and can be run on any computer that has IP connectivity to all Cisco Unified Communications Managers in the cluster and has a USB port.

DRF
Disaster Recovery Framework

Ports
In virtually all cases, source ports are ephemeral, meaning random within a specified range. When an outgoing request is made, the application solicits the host device for a port from its ephemeral pool. In a few cases, the destination port is also ephemeral, meaning that both the source and destination ports are random.

JTAPI
Java Telephony Application Program Interface
Sun Microsystems telephony programming interface for Java. It provides a set of classes and interfaces that provide access to call control and telephony device control as well as media and administrative services.

LDAP
Lightweight Directory Access Protocol
Used to validate user credentials against the designated directory service.

LDAPS
Lightweight Directory Access Protocol over TLS/SSL
Used to validate user credentials against the designated directory service.

IP VMS
Cisco IP Voice Media Streaming Application
Used for music on hold, annunciator, conference bridge, media termination point (MTP), and so on.

RIS
Real-Time Information Services database
Used by the Real-Time Monitoring Tool (RTMT) in the Serviceability application.

RTMT
Real-Time Monitoring Tool

SDL
Signal Distribution Layer Link
Used for intracluster communications.

SOAP
Simple Object Access Protocol

TCTS
Trace Collection Tool Service
The backend service for RTMT Trace and Log Central (TLC)

TFTP
Trivial File Transfer Protocol
Used to load firmware and configurations into phones, gateways, and so on.

Tomcat
Web server