· What is a Firewall's purpose?
The function of a firewall is to protect a private network from unauthorized traffic entering from the Internet. A firewall is either software that resides on a server or a standalone hardware device that runs firewall software. The firewall sits between the “Edge Router” and the rest of the private network. Depending on its configuration, the firewall allows access to the local network by opening “Ports”, or rejects certain types of Internet traffic.
It is possible to allow videoconferencing to operate safely through a firewall while still protecting the private network.
· What are Port Assignments?
While communicating over an Internet Protocol (IP) network using either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP), the originating device assigns a Port Number to be used for the communication session.
The available port numbers are 0 to 65535. They are divided into three categories. Port numbers 0 through 1023 are known as “Well Known Port Numbers”. They have been assigned by the Internet Corporation for Assigned Names and Numbers (ICANN) to be used for well-known applications such as File Transfer Protocol (FTP).
Numbers from 1024 to 49151 can be registered by organizations for specific applications. If an entity registers a port number or numbers for an application, the organization will use that number and advise end users to open the port or ports on their firewall to allow the use of this application. Companies can also allow their products to dynamically select available ports from a range of numbers in this category. The entity must then instruct end users to allow communication on these ports to traverse their firewall.
Numbers from 49152 through 65535 can be dynamically assigned by end points, but cannot be reserved for any specific application. Once again, an organization that uses ports from this group must advise the end user of the range of ports the firewall should hold open.
· What are the differences between TCP and UDP?
TCP is a transport layer (Layer 4) protocol that incorporates the acknowledgement of received packets and the retransmission of lost packets. This adds latency to the end-to-end communication, but ensures the integrity of the transaction. UDP does not provide for either packet acknowledgement or retransmission within the transport layer; the application can make its own provision for verification and retransmission. UDP, while less reliable, is faster. Videoconferencing uses UDP in many cases to transmit audio or video data where retransmission is not wanted and speed is the objective.
· What are the Well Known Port Numbers Used in Videoconferencing?

| Port | Type | Protocol | Application | Manufacturer |
| --- | --- | --- | --- | --- |
| 21 | Static | TCP | File Transfer Protocol for endpoint software upgrades (must be bi-directional) | Polycom and Tandberg |
| 23 | Static | TCP & UDP | Telnet (must be bi-directional) | Polycom, Sony, Tandberg |
| 80 | Static | TCP | Hypertext Transfer Protocol (HTTP) - web browser interface for codec control and menus | Polycom, Sony, Tandberg |
| 161 | Static | UDP | Simple Network Management Protocol (SNMP) Queries | Tandberg |
| 389 | Static | TCP | Lightweight Directory Access Protocol (LDAP) – ILS registration | Polycom |
| 962 | Static | UDP | Simple Network Management Protocol (SNMP) Traps | Tandberg |
| 963 | Static | TCP | This port is not assigned, but Tandberg uses it for Netlog | Tandberg |
| 964 | Static | TCP | This port is not assigned, but Tandberg uses it for FTP/data | Tandberg |
| 965 | Static | TCP | This port is not assigned, but Tandberg uses it for VNC | Tandberg |
| 970 | Static | UDP | This port is not assigned, but Tandberg uses it for Real-time Transport Protocol (RTP) for streaming video | Tandberg |
| 971 | Static | UDP | This port is not assigned, but Tandberg uses it for Real-time Transport Control Protocol (RTCP) for streaming video | Tandberg |
| 972 | Static | UDP | This port is not assigned, but Tandberg uses it for Real-time Transport Protocol (RTP) for streaming audio | Tandberg |
| 973 | Static | UDP | This port is not assigned, but Tandberg uses it for Real-time Transport Control Protocol (RTCP) for streaming audio | Tandberg |
| 974 | Static | UDP | This port is not assigned, but Tandberg uses it for SAP | Tandberg |
| 1002 | Static | UDP | This port is not assigned, but Vcon uses it for Lightweight Directory Access Protocol (LDAP) – ILS registration | Vcon |
· What are the Registered Port Numbers Used in Videoconferencing?

| Range | Type | Protocol | Application | Manufacturer |
| --- | --- | --- | --- | --- |
| 1300 | Static | TCP & UDP | This port is registered to Intel and is used to secure a H.323 host call – h323hostcallsc (must be bi-directional) | Polycom |
| 1503 | Static | TCP | This port is registered to Databeam and is used for T.120 file sharing | Polycom, Sony, Tandberg and Vcon |
| 1718 | Static | TCP & UDP | This port is registered to Intel and is used to secure a H.323 host call – h323gatedisc (must be bi-directional) | Polycom, Sony, and Vcon |
| 1719 | Static | TCP & UDP | This port is registered to Intel and is used for gatekeeper RAS – h323gatestat (must be bi-directional) | Polycom, Sony, Tandberg and Vcon |
| 1720 | Static | TCP & UDP | This port is registered to Intel and is used to establish a H.323 host call using Q.931 call setup – h323hostcall (must be bi-directional) | Polycom, Sony, Tandberg and Vcon |
| 1731 | Static | TCP & UDP | Audio call control – msiccp – for VoIP | Polycom |
| 1024 - 65535 | | | | Vcon |
| 1024 - 65535 | | | | |
| 2253 - 2255 | Dynamic | | Sony uses an available port in this range for the exchange of H.245 call parameters. (Also known as RTCP) | Sony |
| 2326 - 2373 | Dynamic | UDP | Tandberg uses an available port in this range for video data streams | Tandberg |
| 2326 - 2373 | Dynamic | UDP | Tandberg uses an available port in this range for audio data streams | Tandberg |
| 2326 - 2373 | Dynamic | UDP | Tandberg uses an available port in this range for data transfers and Far End Camera Control - FECC | Tandberg |
| 2979 | Static | TCP & UDP | This port is registered to ACM for H.263 Video Streaming | Polycom |
| 3230 - 3247 | Dynamic | UDP | Polycom uses available ports in this range for audio and video | Polycom |
| 3230 - 3235 | Dynamic | UDP | Polycom uses an available port in this range for the exchange of H.245 call parameters. (Also known as RTCP) | Polycom |
| 5004 - 6004 | Dynamic | TCP | There is no registered port for this application, Vcon uses an available port for H.245 (Call Parameters) | Vcon |
| 5004 - 6004 | Dynamic | UDP | There is no registered port for this application, Vcon uses an available port for Real-time Transport Protocol (RTP) for streaming video. | Vcon |
| 5004 - 6004 | Dynamic | UDP | There is no registered port for this application, Vcon uses an available port for Real-time Transport Protocol (RTP) for streaming audio. | Vcon |
| 5004 - 6004 | Dynamic | UDP | There is no registered port for this application, Vcon uses an available port for Real-time Transport Control Protocol (RTCP) for streaming video and audio. | Vcon |
| 5555 - 5556 | Dynamic | TCP | Q.931 Call setup | Tandberg |
| 11720 | Static | TCP & UDP | This port is registered to Cisco and is used as an alternative for call set-up – h323callsigalt (must be bi-directional) | Polycom |
| 22136 | Static | TCP | There is no registered port for this application, Vcon uses an available port for remote Vcon endpoint administration | Vcon |
| 26505 | Static | TCP | There is no registered port for this application, Vcon uses an available port for Remote Console | Vcon |
· What are other Port Numbers Used in Videoconferencing?

| Range | Type | Protocol | Application | Manufacturer |
| --- | --- | --- | --- | --- |
| 49152 - 49159 | Dynamic | UDP | Sony uses this range of ports for audio and video data streams | Sony |
| 49152 - 49239 | Dynamic | UDP | Sony uses this range of ports for multipoint | Sony |
· What are the Ports Polycom typically uses?

| Port | Type | Protocol | Description |
| --- | --- | --- | --- |
| 224.0.1.41:1718 | Static | TCP & UDP | h323gatedisc (must be bi-directional) |
| 1719 | Static | TCP & UDP | h323gatestat Gatekeeper RAS (must be bi-directional) |
| 1720 | Static | TCP & UDP | h323hostcall Q.931 (Call Setup) (must be bi-directional) |
| 1731 | Static | TCP & UDP | msiccp Audio Call Control (VoIP) |
| 3230 - 3247 | Dynamic | UDP | Audio and Video (must be bi-directional) |
| 3230 - 3235 | Dynamic | TCP | H.245 call control: aka RTCP (must be bi-directional) |

Other:

| Port | Type | Protocol | Description |
| --- | --- | --- | --- |
| 21 | Static | TCP | FTP allows upgrade of endpoint software (must be bi-directional) |
| 23 | Static | TCP | Telnet (must be bi-directional) |
| 80 | Static | TCP | Web browser interface to codec controls and menus |
| 389 | Static | TCP | ILS Registration (LDAP) |
| 1300 | Static | TCP & UDP | h323hostcallsc H.323 Host Call Secure |
| 1503 | Static | TCP & UDP | T.120 (Data Channel in a multipoint) |
| 2979 | Static | TCP & UDP | H.263 Video Streaming |
| 11720 | Static | TCP & UDP | h323callsigalt H.323 Call Signal Alternate |
Typical Firewall ports for Polycom ViaVideo II:
- TCP 1720, 1503, 3603
- TCP 3230-3231
- UDP 3230-3235

Polycom products typically must have port forwarding set for:
- Port 389 (TCP): For ILS registration
- Port 1503 (TCP): Microsoft NetMeeting T.120 data sharing
- Port 1718 (UDP): Gatekeeper discovery
- Port 1719 (UDP): Gatekeeper RAS (must be bi-directional)
- Port 1720 (TCP): H.323 Call setup (must be bi-directional)
- Port 1731 (TCP): Audio call control (must be bi-directional)
- Ports 3230-3235 (TCP/UDP): Signaling and control for audio, call, video and data/FECC
- Port 3603 (TCP): ViaVideo Web interface (ViaVideo users only)

A typical H.323 ViewStation call would use 2 TCP fixed ports (3230-3231) and 6 UDP fixed ports (3230-3235).

Accord (Polycom Bridge System) Additional Ports:
- 5001 - Static TCP - MGC Manager (5003 can be chosen instead within MGC)
- 21 - Static TCP - FTP (retrieve MGC config files, etc.)

Polycom GMS (Global Management System) Ports:
- 21 (FTP) - Software Updates & Provisioning
- 80 (HTTP) - Pulling ViewStation/VS4000 info
- 3601 (Proprietary) (Data Traffic) - GAB data
- 3603 - TCP - Pulling ViaVideo info (since it might be a non-web server PC)
- 389 (LDAP and ILS)
- 1002 (ILS)

GMS listens for connections on ports 80 and 3601 (GAB), and in the future will listen on port 3604 (ViaVideo) and potentially others later.
· What are the Ports that Sony PCS typically uses?

| Port | Type | Protocol | Description |
| --- | --- | --- | --- |
| 1718 | Static | TCP | h323gatedisc (must be bi-directional) |
| 1719 | Static | TCP | h323gatestat |
| 1720 | Static | TCP | h323hostcall |
| 2253 - 2255 | Dynamic | TCP | H.245 (Call Parameters) |
| 49152 - 49159 | Dynamic | UDP (RTP/RTCP) | Audio & Video Data Streams |
| 49152 - 49239 | Dynamic | UDP | Multipoint |
· What are the Ports Tandberg typically uses?

| Port | Type | Protocol | Description |
| --- | --- | --- | --- |
| 1719 | Static | UDP | Gatekeeper RAS |
| 1720 | Static | TCP | Q.931 (Call Setup) |
| 5555 - 5556 | Dynamic | TCP | H.245 (Call Parameters) |
| 2326 - 2373 | Dynamic | UDP | Video Data Streams |
| 2326 - 2373 | Dynamic | UDP | Audio Data Streams |
| 2326 - 2373 | Dynamic | UDP | Data/FECC |
| 21 | Static | TCP | FTP |
| 23 | Static | TCP & UDP | Telnet & NTP listening socket |
| 80 | Static | TCP | HTTP |
| 123 | Static | UDP | NTP |
| 161 | Static | UDP | SNMP (Queries) |
| 962 | Static | UDP | SNMP (Traps) |
| 963 | Static | TCP | Netlog |
| 964 | Static | TCP | FTP/data |
| 965 | Static | TCP | VNC |
| 970 | Static | UDP | Streaming/RTP Video |
| 971 | Static | UDP | Streaming/RTCP Video |
| 972 | Static | UDP | Streaming/RTP Audio |
| 973 | Static | UDP | Streaming/RTCP Audio |
| 974 | Static | UDP | SAP (Stream is directed to 224.2.127.254:9875) |
· What are the Ports VCON typically uses?

| Port | Type | Protocol | Description |
| --- | --- | --- | --- |
| 1718 | Static | UDP | h323gatedisc (must be bi-directional) |
| 1719 | Static | UDP | Gatekeeper RAS |
| 1720 | Static | TCP | Q.931 (Call Setup) |
| 5004 - 6004 | Dynamic | TCP | H.245 (Call Parameters) |
| 5004 - 6004 | Dynamic | UDP (RTP) | Video Data Streams |
| 5004 - 6004 | Dynamic | UDP (RTP) | Audio Data Streams |
| 5004 - 6004 | Dynamic | UDP (RTCP) | Control Information |

Optional:

| Port | Type | Protocol | Description |
| --- | --- | --- | --- |
| 389 | Static | TCP | ILS Registration (LDAP) |
| 1002 | Static | TCP | Site Server Registration (Windows 2000 Built-in LDAP) |
| 1503 | Static | TCP | T.120 (Data Channel) |
| 22136 | Static | TCP | VCON MXM - Remote VCON Endpoint Admin |
| 26505 | Static | TCP | VCON MXM - Remote Console |
Marratech Web Conferencing
· What are the Ports Marratech typically uses?
In most cases, the Marratech software will work directly through personal and corporate networks. If this is not the case, you may need to configure the following ports in your firewall.
TCP ports: 8000 (for HTTP) and 8001 (for HTTPS)
UDP ports: 52000 to 52999
Notes: These ports should be configured in 'allow-return' mode towards the Marratech Manager server's IP address (151.198.208.101). This means that only meetings originating from within your firewall will be allowed through, and only to the originating client. Otherwise, data is not allowed through.
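
The 'allow-return' behaviour described in the notes above, modelled as a small stateful filter. This is an added example, not Marratech or firewall-vendor code; the class and function names, the idle timeouts and the inside client address 10.0.0.5 are assumptions, while the server address and port ranges are the ones listed above.

```python
from dataclasses import dataclass, field

MANAGER_IP = "151.198.208.101"   # Marratech Manager address given on the page
ALLOWED = {"tcp": [(8000, 8001)], "udp": [(52000, 52999)]}  # ports from the page
IDLE_TIMEOUT = {"tcp": 3600, "udp": 30}  # seconds; assumed, not from the page


def port_allowed(proto, port):
    return any(lo <= port <= hi for lo, hi in ALLOWED.get(proto, []))


@dataclass
class AllowReturnFirewall:
    """Hypothetical model: forwards inbound packets only as replies."""
    flows: dict = field(default_factory=dict)  # 5-tuple -> last-seen time

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port, now):
        # Inside client -> Internet: only the Manager on the listed ports.
        if dst_ip != MANAGER_IP or not port_allowed(proto, dst_port):
            return False
        self.flows[(proto, src_ip, src_port, dst_ip, dst_port)] = now
        return True

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port, now):
        # Internet -> inside: look up the reversed 5-tuple of an outbound flow.
        key = (proto, dst_ip, dst_port, src_ip, src_port)
        last = self.flows.get(key)
        if last is None:
            return False              # unsolicited: no inside client started it
        if now - last > IDLE_TIMEOUT[proto]:
            del self.flows[key]       # state expired; client must re-initiate
            return False
        self.flows[key] = now
        return True


def demo():
    fw = AllowReturnFirewall()
    client = ("10.0.0.5", 40000)      # constructed inside client address/port
    return {
        "unsolicited": fw.inbound("udp", MANAGER_IP, 52010, *client, now=0),
        "client_out": fw.outbound("udp", *client, MANAGER_IP, 52010, now=1),
        "reply": fw.inbound("udp", MANAGER_IP, 52010, *client, now=2),
        "other_client": fw.inbound("udp", MANAGER_IP, 52010, "10.0.0.6", 40000, now=3),
        "other_source": fw.inbound("udp", "203.0.113.9", 52010, *client, now=4),
        "stale_reply": fw.inbound("udp", MANAGER_IP, 52010, *client, now=100),
        "wrong_port": fw.outbound("tcp", *client, MANAGER_IP, 23, now=101),
    }
```

Calling `demo()` shows that only the reply to a client-initiated flow is forwarded; the same packet is dropped when it arrives unsolicited, targets a different inside host, comes from another source, or arrives after the state has timed out.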