Which action is required for a firewall configuration on a Mobile and Remote Access through Cisco Expressway deployment?
A. The external firewall must allow these inbound connections to Expressway: SIP: TCP 5061: HTTPS: TCP 8443; XMPP: TCP 5222; Media: UDP 36002 to 59999.
B. The internal firewall must allow these inbound and outbound connections between Expressway-׀¡ and Expressway-E: SIP: HTTPS (tunneled over SSH between ׀¡ and E): TCP 2222: TCP 7001; Traversal Media: UDP 2776 to 2777 (or 36000 to 36011 for large VM/appliance); XMPP: TCP 7400.
C. Do not use a shared address for Expressway-E and Expressway-׀¡, as the firewall cannot distinguish between them. If static NAT for IP addressing on Expressway-E is used, ensure that any NAT operation on Expressway-׀¡ does not resolve the same traffic IP address. Shared NAT is not supported.
D. The traversal zone on Expressway-׀¡ points to Expressway-E through the peer address field on the traversal zone, which specifies the Expressway-E server address. For dual NIC deployments, set the Expressway-E address using an FQDN that resolves the IP address of the internal interface.
Which action is required for a firewall configuration on a Mobile and Remote Access through Cisco Expressway deployment?
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
Which action is required for a firewall configuration on a Mobile and Remote Access through Cisco Expressway deployment?
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!