[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cisco-voip
Subject:    Re: [cisco-voip] 7965 SCCP 9x thur firewall ?
From:       Mike King <me () mpking ! com>
Date:       2011-10-28 2:05:55
Message-ID: CANtPpk6RdiPv+CF7yziT5ifWoqmT2mz_bPObmRv8435kquXW9A () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


PS, I read thru that again,

I think it's going to get messy:

From: Gateway  To: Unified CM

Port Range:
Ephemeral /
TCP

Service:
H.225 signaling services on gatekeeper-controlled trunk



On Thu, Oct 27, 2011 at 10:00 PM, Mike King <me@mpking.com> wrote:

> Found this:
>
> http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/port/7_0/CCM_7.0PortList.pdf
>
> But one point I really wanted to make, SCCP inspection on the ASA can
> really mess you up.  Make sure your ASA supports the version of SCCP that
> your phone firmware speaks.
>
> I've taken to disabling SCCP inspection (and lately H323 inspection) on all
> of my ASA's, because I've been bitten at the worst times by them.
>
> Mike
>
> On Thu, Oct 27, 2011 at 6:18 PM, Jason Aarons (AM) <
> jason.aarons@dimensiondata.com> wrote:
>
>> I  have a 79xx SCCP 9.2 phone in my ofifce behind a ASA firewall that
>> needs to get to CallManager/Unity/Gateway, etc , any have a sample ACL form
>> a ASA 5500 8x ? ****
>>
>> ** **
>>
>> Basically an internal unit is firewalled off and needs to get to other
>> 79xx phones as well as use the outbound h323 gateways, etc.****
>>
>> ** **
>>
>> ** **
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>

[Attachment #5 (text/html)]

PS, I read thru that again,<div><br></div><div>I think it&#39;s going to get \
messy:</div><div><br></div><div><div>From: Gateway  To: Unified CM \
</div><div><br></div><div>Port Range: </div><div>Ephemeral / </div><div>TCP </div> \
<div><br></div><div>Service:</div><div>H.225 signaling services on \
gatekeeper-controlled trunk</div><div><br></div><div><br></div><br><div \
class="gmail_quote">On Thu, Oct 27, 2011 at 10:00 PM, Mike King <span \
dir="ltr">&lt;<a href="mailto:me@mpking.com">me@mpking.com</a>&gt;</span> wrote:<br> \
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex;"><div>Found this:</div><div><a \
href="http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/port/7_0/CCM_7.0PortList.pdf" \
target="_blank">http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/port/7_0/CCM_7.0PortList.pdf</a></div>
 <div><br></div><div>
But one point I really wanted to make, SCCP inspection on the ASA can really mess you \
up.  Make sure your ASA supports the version of SCCP that your phone firmware \
speaks.</div><div><br></div><div>I&#39;ve taken to disabling SCCP inspection (and \
lately H323 inspection) on all of my ASA&#39;s, because I&#39;ve been bitten at the \
worst times by them.</div>

<div><br></div><div>Mike<br><br><div class="gmail_quote"><div class="im">On Thu, Oct \
27, 2011 at 6:18 PM, Jason Aarons (AM) <span dir="ltr">&lt;<a \
href="mailto:jason.aarons@dimensiondata.com" \
target="_blank">jason.aarons@dimensiondata.com</a>&gt;</span> wrote:<br>

</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div class="im"><div lang="EN-US" link="blue" \
vlink="purple"><div><p class="MsoNormal">I  have a 79xx SCCP 9.2 phone in my ofifce \
behind a ASA firewall that needs to get to CallManager/Unity/Gateway, etc , any have \
a sample ACL form a ASA 5500 8x ? <u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Basically an internal \
unit is firewalled off and needs to get to other 79xx phones as well as use the \
outbound h323 gateways, etc.<u></u><u></u></p><p class="MsoNormal">

<u></u> <u></u></p><p class="MsoNormal"><u></u> \
<u></u></p></div></div><br></div>_______________________________________________<br> \
cisco-voip mailing list<br> <a href="mailto:cisco-voip@puck.nether.net" \
target="_blank">cisco-voip@puck.nether.net</a><br> <a \
href="https://puck.nether.net/mailman/listinfo/cisco-voip" \
target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br> \
<br></blockquote></div><br></div> </blockquote></div><br></div>



_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic