02-09-2016 09:09 AM
I have a new install with a USG, CK, USW-24, and some UAC-AP's. Ever since the install the Phones have not worked properly and CLI commands for firewall settings are not my specialty. Can anyone give me a hand? I need to get this working ASAP!!!!
02-09-2016 09:14 AM
Firewall requirements for operation of iCore services from protected LANs.
Allow all traffic To/From : 22.214.171.124, 126.96.36.199, 188.8.131.52, reg.vox.icore.com , reg1.vox.icore.com & reg2.vox.icore.com
HTTP port 80 - User access to web service portal and device configuration files.
HTTPS port 443 - Secure user access to web service portal and device configuration files.
21/FTP (DHCP option 66 setup.vox.icore.com / or ftp.icore.com/bw ) - Access to device files.
Please confirm with your iCore Project manager on which FTP address you’ll be adding to your DHCP Option 66
5060 to 5062 UDP port for SIP - SIP (Session Initiation Protocol) messaging to/from network devices such as network gateways or soft switches.
RTP ports range 1024 to 65534/UDP - Dynamically allocated for each MCP (Media Server Control protocol) session. Default range can be changed using the CLI (Command Line Interface).
2220/TCP for BCCT - Connection to an Application Server to gather information on call centers and agents.
2206/TCP for CAP to Application Server - Connection to an Application Server is to receive CAP (Client Application Protocol) messages.
2208/TCP for OCI/OCS - Connections to Web Server are for gathering call center statistics.
843/TCP Adobe Flash - Adobe Flash policy handshake protocol.
2205/TCP Call Manager - CommPilot Push Protocol. Call Manager Control and updates.
2207/TCP ACAP - Attendant Console control and updates.
Add access to cloudvoip.vox.icore.com
Disable any SIP inspection feature: This option kills traffic between the phone and Broadworks, even though it was ostensibly included to help SIP work better
Ensure that VoIP SIP ALG option is turned OFF. It's ON by default and adversely affects call flows. Located under WAN settings
iCore DNS: Primary: 184.108.40.206, Secondary: 220.127.116.11
02-10-2016 07:44 AM
Beyond disabling SIP ALG in the USG, are there any other VoIP "best practices" that should be done?
(Not to hijack the thread, but I have a client who is having VoIP issues with the USG. They're ready to dump the VoIP provider, but I want to make sure there aren't other settings that should be configred to for VoIP. I *think* it's the provider since everything was working well until yesterday.)