Contents
Ports
This document provides lists of the ports used by Cisco Virtualization Experience Media Engine, and also by Virtualization Experience Client Manager and by Cisco Jabber. If your network includes firewalls between any of these components, you must open these ports. Configuration of firewalls, ACLs, or QoS varies depending on topology, placement of devices and services relative to the placement of network security devices, and depending on which applications and telephony extensions are in use.
NoteCisco has not verified all possible configuration scenarios for these ports. If you are having configuration problems using these lists, contact Cisco technical support for assistance.
Virtualization Experience Media Engine
Table 1 Virtualization Experience Media Engine port usage Ports Usage 22 SSH connections. 69 Outbound traffic for TFTP. 80 and 443 Inbound and outbound connections for the VXC Manager agent (netxserv service). Only the VXC Manager server has access to this service. 80, 443, and 4172 TCP communications for VMware View Client. 443 Connections to VMware View Connection server. 1494 Citrix ICA connection for the hosted virtual desktop (HVD). 1494 to 2598 Citrix receiver communication with the thin client. 5060 Outbound TCP connections for SIP. 5061 Outbound TLS connections, for secure SIP. 16384 to 32766 Inbound and outbound connections for RTP (audio and video streams). 5800 Inbound connections for VNC Server (vino-server). The default configuration blocks connections that use the VNC protocol. 8443 Cisco CUCM Connection over SSL.
NoteVirtual Channel communications travel over ICA / PCoIP connections.
For more information about port usage for VMware, see http://pubs.vmware.com/view-50/index.jsp?topic=/com.vmware.view.security.doc/GUID-A0B8412C-6C42-4C78-90B2-C1B2A2237AD1.html.
For more information about port usage for Citrix, see http://support.citrix.com/servlet/KbServlet/download/2389-102-654859/CitrixPorts_by_Port_1103.pdf.
Virtualization Experience Client Manager
Table 2 Virtualization Experience Client Manager port usage Cisco VXC Manager Component
Protocol
Port
Function
GUI
HTTP
80
280
Communicate with the Web Service and Standard Service.
FTP
21
Register new packages into the Master Software Repository.
Note Although FTP uses port 21 as the control port, by default it also uses additional ephemeral ports for data transfers. To allow the data transfers to clients located behind a firewall or Cisco Virtual Office router, you must open these additional ports in the firewall or Cisco Virtual Office router. This requirement is standard for FTP connections, and is not specific to the implementation of Cisco VXC Manager.
OLE DB
1433 (default)
Can be configured during installation
Communicate with the Cisco VXC Manager Database.
VNC
5800
5900
Remote shadows devices.
Web Service
HTTP
80
280
Communicate with the Web Agent, GUI, and Standard Service.
HTTPS
443
8443
Secure Communication with the Web Agent, GUI, and Standard Service.
OLE DB
1433 (default)
Can be configured during installation
Communicate with the Cisco VXC Manager Database.
Web Agent
HTTP
80
280
Communicate with the Web Service.
FTP
21
Read and write files to the Master and Remote Software Repositories.
Note Although FTP uses port 21 as the control port, by default it also uses additional ephemeral ports for data transfers. To allow the data transfers to clients located behind a firewall or Cisco Virtual Office router, you must open these additional ports in the firewall or Cisco Virtual Office router. This requirement is standard for FTP connections, and is not specific to the implementation of Cisco VXC Manager. Standard Service
OLE DB
1433 (default)
Can be configured during installation
Communicate with the Cisco VXC Manager Database.
HTTP
8008
Communicate with the GUI and Web Service.
Standard Service and PXE
DHCP
67
68
4011
Process UDP requests from PXE-enabled devices to the Standard Service.
TFTP
69
Download bootable image to enable management processing.
HTTP
80
Communicate with the Web Service regarding actions and status of current task.
FTP
21
Download and upload files to the Master and Remote Software Repositories.
Although FTP uses port 21 as the control port, by default it also uses additional ephemeral ports for data transfers. To allow the data transfers to clients located behind a firewall or Cisco Virtual Office router, you must open these additional ports in the firewall or Cisco Virtual Office router. This requirement is standard for FTP connections, and is not specific to the implementation of Cisco VXC Manager.
Standard Service and legacy support for older Cisco VXC Manager Agents
UDP
44956
44957
Discover devices (using subnet directed broadcasts) that have older Cisco VXC Manager Agents (5.0.0.x and earlier) installed.
TCP
44955
Discover devices using IP Range Walking. Upgrade devices that have an older Cisco VXC Manager Agent (5.0.0.x and earlier) installed.
ThreadX Manager Service
TCP
9880
50000
Uses these ports to communicate with ThreadX devices.
Cisco Jabber
Table 3 Cisco Jabber for Windows port usage Port
Protocol
Description
Inbound
16384 to 32766
UDP
Receives Real-Time Transport Protocol (RTP) media streams for audio and video. You set these ports in Cisco Unified Communications Manager.
Outbound
69
UDP
Connects to the Trivial File Transfer Protocol (TFTP) server.
6970
HTTP
Connects to the TFTP server to download Cisco Jabber for Windows configuration files.
80
TCP (HTTP)
Connects to services such as Cisco WebEx Meeting Center for meetings or Cisco Unity Connection for voicemail.
143
IMAP (TCP)
Connects to Cisco Unity Connection to access, download, and play voicemail messages.
389
UDP / TCP
Connects to an LDAP directory service.
3268
TCP
Connects to a Global Catalog server for contact searches.
443
TCP (HTTPS)
Connects to services such as such as Cisco WebEx Meeting Center for meetings or Cisco Unity Connection for voicemail.
636
LDAPS
Connects securely to an LDAP directory service.
3269
LDAPS
Connects securely to the Global Catalog server.
993
IMAP (SSL)
Connects to Cisco Unity Connection to retrieve and manage the list of voice messages for the user, and the voice messages themselves.
2748
TCP
Connects to the CTI gateway, which is the CTI Manager component of Cisco Unified Communications Manager.
5060
UDP / TCP
Provides Session Initiation Protocol (SIP) call signaling.
5061
TCP
Provides secure SIP call signaling.
5222
TCP (XMPP)
Connects to Cisco Unified Presence for instant messaging and presence.
7993
IMAP (TLS)
Connects to Cisco Unity Connection to access, download, and play secure voicemail messages.
8191
TCP
Connects to the local port to provide Simple Object Access Protocol (SOAP) web services.
8443
HTTPS
8443 is the port for web access to Cisco Unified Communications Manager and includes connections for the following:
16384 to 32766
UDP
Sends RTP media streams for audio and video.
53
DNS
Provides hostname resolution.
1080
SOCKS5 Bytestreams
Sends peer to peer file transfers. If port 1080 is in use, Cisco Jabber for Windows attempts to use the next available port in the range from 1081 to 1089. In on-premises deployments, Cisco Jabber for Windows also uses this port to send screen captures.
ICMP requests
Cisco Jabber for Windows sends Internet Control Message Protocol (ICMP) requests to the TFTP server. Cisco Jabber uses these requests to determine whether it can connect to Cisco Unified Communications Manager. Therefore, you must configure your firewall settings to allow ICMP requests from the client. If your firewall does not allow ICMP requests, Cisco Jabber for Windows cannot establish a connection to Cisco Unified Communications Manager.
Notices
Copyright © 2014, Cisco Systems, Inc. All rights reserved.