Contents

• Ports
• Virtualization Experience Media Engine
• Virtualization Experience Client Manager
• Cisco Jabber
• ICMP requests

Ports

---

This document provides lists of the ports used by Cisco Virtualization Experience Media Engine, and also by Virtualization Experience Client Manager and by Cisco Jabber. If your network includes firewalls between any of these components, you must open these ports. Configuration of firewalls, ACLs, or QoS varies depending on topology, placement of devices and services relative to the placement of network security devices, and depending on which applications and telephony extensions are in use.

Note	Cisco has not verified all possible configuration scenarios for these ports. If you are having configuration problems using these lists, contact Cisco technical support for assistance.

Virtualization Experience Media Engine

Table 1 Virtualization Experience Media Engine port usage

Ports	Usage
22	SSH connections.
69	Outbound traffic for TFTP.
80 and 443	Inbound and outbound connections for the VXC Manager agent (netxserv service). Only the VXC Manager server has access to this service.
80, 443, and 4172	TCP communications for VMware View Client.
443	Connections to VMware View Connection server.
1494	Citrix ICA connection for the hosted virtual desktop (HVD).
1494 to 2598	Citrix receiver communication with the thin client.
5060	Outbound TCP connections for SIP.
5061	Outbound TLS connections, for secure SIP.
16384 to 32766	Inbound and outbound connections for RTP (audio and video streams).
5800	Inbound connections for VNC Server (vino-server). The default configuration blocks connections that use the VNC protocol.
8443	Cisco CUCM Connection over SSL.

Note	Virtual Channel communications travel over ICA / PCoIP connections.

For more information about port usage for VMware, see http:/​/​pubs.vmware.com/​view-50/​index.jsp?topic=/​com.vmware.view.security.doc/​GUID-A0B8412C-6C42-4C78-90B2-C1B2A2237AD1.html.

For more information about port usage for Citrix, see http:/​/​support.citrix.com/​servlet/​KbServlet/​download/​2389-102-654859/​CitrixPorts_​by_​Port_​1103.pdf.

Virtualization Experience Client Manager

Table 2 Virtualization Experience Client Manager port usage

Cisco VXC Manager Component	Protocol	Port	Function
GUI	HTTP	80 280	Communicate with the Web Service and Standard Service.
	FTP	21	Register new packages into the Master Software Repository. Note    Although FTP uses port 21 as the control port, by default it also uses additional ephemeral ports for data transfers. To allow the data transfers to clients located behind a firewall or Cisco Virtual Office router, you must open these additional ports in the firewall or Cisco Virtual Office router. This requirement is standard for FTP connections, and is not specific to the implementation of Cisco VXC Manager.
	OLE DB	1433 (default) Can be configured during installation	Communicate with the Cisco VXC Manager Database.
	VNC	5800 5900	Remote shadows devices.
Web Service	HTTP	80 280	Communicate with the Web Agent, GUI, and Standard Service.
	HTTPS	443 8443	Secure Communication with the Web Agent, GUI, and Standard Service.
	OLE DB	1433 (default) Can be configured during installation	Communicate with the Cisco VXC Manager Database.
Web Agent	HTTP	80 280	Communicate with the Web Service.
	FTP	21	Read and write files to the Master and Remote Software Repositories. Note    Although FTP uses port 21 as the control port, by default it also uses additional ephemeral ports for data transfers. To allow the data transfers to clients located behind a firewall or Cisco Virtual Office router, you must open these additional ports in the firewall or Cisco Virtual Office router. This requirement is standard for FTP connections, and is not specific to the implementation of Cisco VXC Manager.
Standard Service	OLE DB	1433 (default) Can be configured during installation	Communicate with the Cisco VXC Manager Database.
	HTTP	8008	Communicate with the GUI and Web Service.
Standard Service and PXE	DHCP	67 68 4011	Process UDP requests from PXE-enabled devices to the Standard Service.
	TFTP	69	Download bootable image to enable management processing.
	HTTP	80	Communicate with the Web Service regarding actions and status of current task.
	FTP	21	Download and upload files to the Master and Remote Software Repositories. Although FTP uses port 21 as the control port, by default it also uses additional ephemeral ports for data transfers. To allow the data transfers to clients located behind a firewall or Cisco Virtual Office router, you must open these additional ports in the firewall or Cisco Virtual Office router. This requirement is standard for FTP connections, and is not specific to the implementation of Cisco VXC Manager.
Standard Service and legacy support for older Cisco VXC Manager Agents	UDP	44956 44957	Discover devices (using subnet directed broadcasts) that have older Cisco VXC Manager Agents (5.0.0.x and earlier) installed.
	TCP	44955	Discover devices using IP Range Walking. Upgrade devices that have an older Cisco VXC Manager Agent (5.0.0.x and earlier) installed.
ThreadX Manager Service	TCP	9880 50000	Uses these ports to communicate with ThreadX devices.

Cisco Jabber

Table 3 Cisco Jabber for Windows port usage

Port	Protocol	Description
Inbound
16384 to 32766	UDP	Receives Real-Time Transport Protocol (RTP) media streams for audio and video. You set these ports in Cisco Unified Communications Manager.
Outbound
69	UDP	Connects to the Trivial File Transfer Protocol (TFTP) server.
6970	HTTP	Connects to the TFTP server to download Cisco Jabber for Windows configuration files.
80	TCP (HTTP)	Connects to services such as Cisco WebEx Meeting Center for meetings or Cisco Unity Connection for voicemail.
143	IMAP (TCP)	Connects to Cisco Unity Connection to access, download, and play voicemail messages.
389	UDP / TCP	Connects to an LDAP directory service.
3268	TCP	Connects to a Global Catalog server for contact searches.
443	TCP (HTTPS)	Connects to services such as such as Cisco WebEx Meeting Center for meetings or Cisco Unity Connection for voicemail.
636	LDAPS	Connects securely to an LDAP directory service.
3269	LDAPS	Connects securely to the Global Catalog server.
993	IMAP (SSL)	Connects to Cisco Unity Connection to retrieve and manage the list of voice messages for the user, and the voice messages themselves.
2748	TCP	Connects to the CTI gateway, which is the CTI Manager component of Cisco Unified Communications Manager.
5060	UDP / TCP	Provides Session Initiation Protocol (SIP) call signaling.
5061	TCP	Provides secure SIP call signaling.
5222	TCP (XMPP)	Connects to Cisco Unified Presence for instant messaging and presence.
7993	IMAP (TLS)	Connects to Cisco Unity Connection to access, download, and play secure voicemail messages.
8191	TCP	Connects to the local port to provide Simple Object Access Protocol (SOAP) web services.
8443	HTTPS	8443 is the port for web access to Cisco Unified Communications Manager and includes connections for the following: Cisco Unified Communications Manager IP Phone (CCMCIP) server for assigned devices. User Data Service (UDS) for contact resolution.
16384 to 32766	UDP	Sends RTP media streams for audio and video.
53	DNS	Provides hostname resolution.
1080	SOCKS5 Bytestreams	Sends peer to peer file transfers. If port 1080 is in use, Cisco Jabber for Windows attempts to use the next available port in the range from 1081 to 1089. In on-premises deployments, Cisco Jabber for Windows also uses this port to send screen captures.

ICMP requests

Cisco Jabber for Windows sends Internet Control Message Protocol (ICMP) requests to the TFTP server. Cisco Jabber uses these requests to determine whether it can connect to Cisco Unified Communications Manager. Therefore, you must configure your firewall settings to allow ICMP requests from the client. If your firewall does not allow ICMP requests, Cisco Jabber for Windows cannot establish a connection to Cisco Unified Communications Manager.

Notices

Copyright © 2014, Cisco Systems, Inc. All rights reserved.