VOIP Issue with Sophos SSL VPN

Dears

Good Day.

We have CUCM in our company, and internally we use desktop phones plus softphones (Cisco Jabber) without any problem.

But when we try to use SSL VPN, it's connected and I can reach all servers and files.

When I try to use the softphone (Cisco Jabber), it's connected and can make and receive calls, but we can't hear each other.

I want support from your side.

Regards.



  • What ports are allowed on your ssl vpn?
    ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Hi 

    I created a test rule and allowed all ports and services.

    Source VPN - Source Network VPN subnet - All time

    Destination Any - Destination Network Any - Service Any

  • These are the ports you need for Cisco Jabber clients:

    Port         Protocol  Description
    53           UDP/TCP   DNS traffic
    69/6790      UDP       TFTP/HTTP Config Download
    80/443       TCP       HTTP/HTTPS to Cisco Unity Connection or WebEx
    143          TCP       IMAP (TLS or plain TCP) to Cisco Unity Connection
    389/636      TCP       LDAP/LDAPS
    993          TCP       IMAP (over SSL) to retrieve and manage voice messages
    2748         TCP       CTI gateway
    3268/3269    TCP       Global Catalog/LDAPs
    5060         UDP/TCP   SIP call signaling
    5061         TCP       Secure SIP call signaling
    5070         UDP       Binary Floor Control Protocol (BFCP) for video desktop sharing
    5222         TCP       XMPP
    7993         TCP       IMAP (over TLS) access to secure voice messages

    CTI = computer telephony integration; DNS = Domain Name System; IMAP = Internet Message Access Protocol; LDAP = Lightweight Directory Access Protocol; LDAPS = Lightweight Directory Access Protocol over Secure Sockets Layer/Transport Layer Security; SIP = Session Initiation Protocol; XMPP = Extensible Messaging and Presence Protocol.

    Port         Protocol  Description
    8191         TCP       SOAP web services
    8443         TCP       HTTPS for CCMCIP profiles and UDS
    16384-32766  UDP       RTP media streams for audio and video

    I guess it's the high ports that block your audio.

    With kind regards, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hi Sir

    If I select any service, does this mean all services and ports?

    Or must I add each port and service one by one, as you mentioned?

    Regards.

  • Hello,

    For testing purposes it is okay to use an any/any firewall rule.

    Once done, you should consider opening only those ports for the services you actually use.

    So maybe only a small number of ports is needed for your normal usage.

    With kind regards, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.
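
One way to act on the advice in the last reply, as an added example that is not part of the original thread: the script maps flows observed while the any/any test rule is in place onto a subset of the port table posted above, lists the services worth keeping, and flags a call whose signaling passes while its RTP does not. The flow records and their (protocol, port, action) layout are constructed for illustration and are not a Sophos log format.

```python
"""Derive a least-privilege service list for Jabber over VPN from observed flows."""

# Subset of the port table posted in the thread: (first, last, protocols, label).
JABBER_SERVICES = [
    (53, 53, {"udp", "tcp"}, "DNS"),
    (5060, 5060, {"udp", "tcp"}, "SIP signaling"),
    (5061, 5061, {"tcp"}, "Secure SIP signaling"),
    (5222, 5222, {"tcp"}, "XMPP"),
    (8443, 8443, {"tcp"}, "HTTPS for CCMCIP/UDS"),
    (16384, 32766, {"udp"}, "RTP media"),
]


def classify(proto, port):
    """Return the table label for a flow, or None if it is outside the table."""
    for first, last, protos, label in JABBER_SERVICES:
        if first <= port <= last and proto in protos:
            return label
    return None


def review_flows(flows):
    """Summarise flows: services to allow, unlisted traffic, dropped services."""
    needed, unlisted, dropped = set(), set(), set()
    for proto, port, action in flows:
        label = classify(proto, port)
        if label is None:
            unlisted.add((proto, port))   # not a Jabber service: review separately
        elif action == "allow":
            needed.add(label)
        else:
            dropped.add(label)
    # Signaling passes but no media was allowed: the call connects without audio.
    signaling = {"SIP signaling", "Secure SIP signaling"} & needed
    no_audio = bool(signaling) and "RTP media" not in needed
    return {"allow": sorted(needed), "unlisted": sorted(unlisted),
            "dropped": sorted(dropped), "no_audio_risk": no_audio}


# Constructed sample: flows seen from the VPN subnet during one test call.
SAMPLE_FLOWS = [
    ("udp", 53, "allow"), ("tcp", 8443, "allow"), ("tcp", 5060, "allow"),
    ("udp", 16500, "drop"), ("udp", 24002, "drop"), ("tcp", 3389, "allow"),
]

if __name__ == "__main__":
    for key, value in review_flows(SAMPLE_FLOWS).items():
        print(f"{key}: {value}")
```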