mitel call paths and ports

18
Mitel Call Paths and Ports

Upload: chris-mcandrew

Post on 27-Apr-2015

8.318 views

Category:

Documents


3 download

DESCRIPTION

Mitel Call Paths and Ports

TRANSCRIPT

Page 1: Mitel Call Paths and Ports

Mitel Call Paths and Ports

Page 2: Mitel Call Paths and Ports
Page 3: Mitel Call Paths and Ports
Page 4: Mitel Call Paths and Ports

Traffic Guidelines

Page 5: Mitel Call Paths and Ports
Page 6: Mitel Call Paths and Ports
Page 7: Mitel Call Paths and Ports

Phone Sets and System Resources

Page 8: Mitel Call Paths and Ports

Mitel Ports

Controller and Handsets FUNCTION SOCKET NUMBER FTP (data) TCP 20 FTP (control) TCP 21 Telnet TCP 23 SMTP (VPIM for voice mail) TCP 25 DNS UDP 53 DHCP server UDP 67 DHCP client UDP 68 TFTP UDP 69 HTTP TCP 80 SNMP UDP 161 SNMP trap UDP 162 HTTPS (SSL) TCP 443 IP Trunk (unsecured) TCP 1066 IP Trunk (SSL) TCP 1067 OPS Manager, telephone directory TCP 1606 VoiceFirst (server connection) TCP 3300 PDA, Application communication TCP 3999 EDS TCP 5002 Telephone Directory (eManager) TCP 5009 SIP TCP 5060 SIP-TLS TCP/UDP 5061 E2T to RTC (SSL) TCP 6000 Set to ICP (Unsecured) TCP 6800 Set to ICP (SSL) TCP 6801 Set to ICP (Secure Minet) TCP 6802 Data Services access TCP 7011 SDS TCP 7050 E2T IP prior to release 6 RTP/UDP 5000 to 5512 E2T IP release 6 and above RTP/UDP 50000-50255 RTC TCP 6800 MiNET Client TCP 6900-6999 MiTAI TCP 8000 MiTAI (SSL) TCP 8001 IP Sets - Voice B1/B2, Rx pre release 8.0 RTP/UDP 9000/9002 IP Sets - Voice B1/B2, Tx pre release 8.0 RTP/UDP 9000/9002 IP Sets - Voice B1/B2, Rx post release 8.0 RTP/UDP 50000-50511 IP Sets - Voice B1/B2, Tx post release 8.0 RTP/UDP 50000-50511 TFTP UDP 20001 DECT voice and signalling TCP/UDP 16320 to 32767

Page 9: Mitel Call Paths and Ports

5550 Console "Keypad to Console PC" TCP port usage:

• The Keypad will use TCP port 6900 to establish a socket connection to the IP address of the PC on TCP port 10000

• The PC needs to allow inbound TCP sessions to TCP port 10000

"Console PC to 3300 ICP" TCP port usage:

• The PC will establish a connection to the 3300 ICP using the following TCP ports 6800, 7011 and 1606 on the 3300 ICP side

Page 10: Mitel Call Paths and Ports

Log Output Socket Number FUNCTION SOCKET NUMBER Software Logs TCP 1750 Maintenance Logs TCP 1751 SMDR TCP 1752 Hotel Logs TCP 1753 LPR1 Printer Port TCP 1754 ACD Real Time Event TCP 15373 IP PMS (Release 6.0) TCP 15374 PMS Voice Mail Integration TCP 6830

Page 11: Mitel Call Paths and Ports

Teleworker

Port Range Direction Purpose & Details

TCP 22 (SSH) Server « Internet AMC communications. Allow inbound and outbound packets on TCP port 22 between the 6010 and the Internet to enable server registration, software and license key downloads, alerts and reporting.

TCP 443 (HTTPS) Server « Internet

Remote Server Management. Allow inbound and outbound packets on TCP port 443 between the 6010 and the Internet to allow remote management of the server, if required. HTTPS access to the manager on the external interface must be also be explicitly enabled from the server manager interface.

TCP 443 (HTTPS) Server « LAN

Local Server Management. Allow inbound and outbound packets on TCP port 443 between the 6010 and the LAN to allow for management of the server. HTTPS access to the manager on the external interface must be also be explicitly enabled from the server manager interface. The firewall should be configured to limit HTTPS access to desired management hosts.

TCP 6800, 6801 and 6802

Server « Internet Server « LAN

Server « ICP(s)

MiNet Call Control. Allow incoming and outgoing packets for TCP ports 6801 and 6802 between the server and the Internet. Allow incoming and outgoing packets for TCP ports 6800, 6801 and 6802 between the server and the LAN and the server and the ICP(s). The LAN rule can be omitted if there are no teleworker sets on the LAN, but ensure that the ICP(s) can communicate with the server’s public address.

UDP 69 Server « Internet Server « LAN

Firmware Downloads. Allow incoming TFTP requests from the Internet and from the LAN to the server on UDP port 69. Allow outbound replies to these requests, from the server to both the Internet and the LAN. Phones will be unable to boot if this is misconfigured. LAN rules can be omitted if there are no in-office Teleworker sets. Note: a source UDP port of 69 is used for all replies from the 6010 TFTP server.

UDP 20,000 to 23,000 (RTP)

Server « Internet Server « LAN

Voice Communications. Allow incoming and outgoing RTP on UDP ports 20000 – 23000 between the server and the Internet. Misconfiguration here is a common cause of one-way audio problems.

UDP 1024 to 65,535 (RTP) Server ® LAN

Voice Communications. Allow outgoing RTP on UDP ports greater than, or equal to, 1024 from the server to the phone network (LAN). Failure to do so often results in a loss of audio from the remote phone to the local phone network (LAN).

UDP 1024 to 65,535 (RTP) LAN ® Server

Voice Communications. Allow outgoing RTP on UDP ports greater than, or equal to, 1024 from the phone network (LAN) to the publicly routable IP address of the server. Failure to do so usually results in the loss of audio from the local phone network (LAN) to the remote phone.

TCP 3300 (VFA) Server « Internet Server « LAN

Optional VoiceFirst Communications. Allow bidirectional traffic on TCP port 3300 if you have a VoiceFirst Solution installed.

TCP 8001 (MiTAI)

Server « Internet Server « LAN

Optional MiTAI Communications. Allow bidirectional traffic on TCP port 8001 if you are using the Your Assistant Softphone v3.1 or higher with the Teleworker Solution.

TCP 3999 (5230 set)

Server « Internet Server « LAN

Optional 5230 IP Appliance Communications. Allow bidirectional traffic on TCP port 3999 if you are using Mitel 5230 IP Appliances as Teleworker sets. This enables communications from the on-board PDA.

Page 12: Mitel Call Paths and Ports

Multi Protocol Border Gateway

Port Range

Direction

Purpose & Details

TCP 22 (SSH) Server => Internet AMC Communications. Allow

outbound packets (and replies) on TCP port 22 between the MBG Server and the Internet to enable server registration, software and license key downloads, alerts and reporting.

UDP 53 (DNS) Server => Internet DNS. The server requires DNS to look up the IP address of the Mitel AMC. Alternatively, the server can be configured to forward all DNS requests to another DNS server.

TCP 443 (HTTPS) Server <= Internet Remote Server Management (Optional). Allow inbound and outbound packets on TCP port 443 between the MBG server and the Internet to allow remote management of the server, if required. HTTPS access to the manager on the external interface must also be explicitly enabled from the server manager interface. The firewall should be configured to limit HTTPS access to desired management hosts.

TCP 443 (HTTPS) Server <= LAN Local Server Management. Allow inbound and outbound packets on TCP port 443 between the MBG Server and the LAN to allow for management of the server. HTTPS access to the manager on the external interface must also be explicitly enabled from the server manager interface. The firewall should be configured to limit HTTPS access to desired management hosts.

Page 13: Mitel Call Paths and Ports

TCP 6800, 6801 and 6802 Server => LAN Server => ICP(s)

TCP 6801 and 6802 Server <= Internet

MiNet Call Control. Allow incoming and outgoing packets for TCP ports 6801 (MiNet-SSL) and 6802 (MiNet-Secure V1) between the server and the Internet. Allow incoming and outgoing packets for TCP ports 6800 (unencrypted MiNet), 6801 and 6802 between the server and the LAN and the server and the ICP(s). The LAN rule can be omitted if there are no IP sets on the LAN, but ensure that the ICP(s) can communicate with the server's public address.

TCP 3998, and 6880 Server <= Internet SAC Connection Support. Allow incoming TCP on ports 3998 and 6880 to support the applications and the web browsing, respectively, on the 5235, 5330, 5340 and Navigator sets, from the Internet to the MBG server. There is an additional LAN rule that follows this to complete the support.

TCP 3998, 3999 and 6880 Server => ICP(s) SAC Connection Support. Allow bi-directional TCP traffic on port 3999 to the ICP(s). This is to support the applications on the 5235, 5330, 5340 and Navigator sets. Note: 3998 and 6880 are dependent on an additional, internal MBG server that the Internet-facing server is daisychained to.

TCP 80 Server => LAN Server => Internet

SAC Connection Support (Optional). Allow TCP port 80 from the server to the Internet, and to the LAN, to support web browsing on the 5235, 5330, 5340 and Navigator sets. Also required to the Internet to allow browsing of the Internet from the set.

Page 14: Mitel Call Paths and Ports

TCP 80 Internet <=> Server Certificate Management (Optional). On any client that makes use of MiSSLTunnel with a client certificate (UCA, CIS, etc), then this port must be open to the Internet to permit the web service to submit a certificate signing request (CSR) and check on the status of that request, finally downloading it. Also needed for CREs to register with SRC control interface.

TCP 6809 Between servers in the cluster. Cluster Comms. If making use of clustering in MBG/SRC, this port must be open between the servers in the cluster to permit them to communicate with one another.

UDP 20000 to configured upper bound (SRTP)

Server <= Internet Server <= LAN

Voice Communications. Allow incoming SRTP on UDP ports 20000 to the configured upper bound from all streaming devices on the LAN and the Internet. Misconfiguration here is a common cause of one-way audio problems.

UDP 30000 to 40000 Server => LAN Voice Recording (SRC only). For streaming voice streams from the SRC server to the CRE for recording purposes.

UDP 1024 to 65535 (RTP) Server => LAN Server => Internet

Voice Communications. Allow outgoing SRTP on UDP ports greater than, or equal to 1024 from the server to all streaming devices on the LAN and the Internet. Misconfiguration here is a common cause of one-way audio problems.

TCP 3300 (VFA) Server <= Internet Server <=> LAN

Optional VoiceFirst Communications. Allow bi-directional traffic on TCP port 3300 if you have a VoiceFirst Solution installed.

TCP 2114 Server <=> LAN Server <=> Internet

Your Assistant Support. To permit the YA client to connect to the logon server on the LAN side, this port must be permitted. Failure to do so will result in the client being unable to logon via their YA client.

Page 15: Mitel Call Paths and Ports

TCP 2116 Server <=> LAN Server <= Internet

Your Assistant Support. To permit the YA client to connect to the telephony server on the LAN side, this port must be permitted. Failure to do so will result in the client being unable to control their set via the Mitel ICP.

TCP 35000 Server <=> LAN Server <= Internet

Your Assistant Support. To permit the YA client to connect to the presence server on the LAN side, this port must be permitted. Failure to do so will result in the presence features in YA failing to function.

TCP 37000 Server <=> LAN Server <= Internet

Your Assistant Support. To permit the YA client to connect to the collaboration server on the LAN side, this port must be permitted. Failure to do so will result in the collaboration features in YA failing to function.

UDP 5060 Server <=> LAN Server <=> Internet

SIP Support. If the SIP connector is enabled, then this port is required for SIP signalling between MBG and the set, and MBG and the ICP.

UDP 5064 Server <=> LAN Server <=> Internet

SIP Trunk Support. If making use of SIP trunks, then this port must be open.

Page 16: Mitel Call Paths and Ports

Enterprise Manage Release 2.1 and up TCP/UDP Ports

Port Type Default Description

Traps - UDP 162 SNMP Traps RMI – TCP

1099 The RMI Registry port is used in client-server communication.

Inter-process communication -

TCP 2000

This port is used for communication between the back-end and front-end components within Enterprise Manager

Apache port - TCP 9090 This port is used in Client-Server communication.

MiXML -TCP 18000 MiXML for IP Phone discovery SNMP Agent port

– UDP 8001

MySQL 3306 This port is used in the database communication between the back-end and front-end of Enterprise Manager.

IPA 48879 This port is used to send and receive data.

Software Installer Random Number

By default, random numbers are used, hence need to setup an exception based on application.

Voice Quality (Viola) 4331 This port is used to communicate to the Voice Quality

server.

TightVNC 5900 This port is used for TightVNC client server communication.

Page 17: Mitel Call Paths and Ports

OPS Manager Release 6.10 and Up TCP/UDP Ports Port Type Default Description 80 Http TCP 80 For Ops Manager Clients to login to Ops manage Server

443 Https TCP 443 ESM access to 3300 ICP

21 Ftp TCP 21 PLID/DN Collection , Backup and restore of Network Elements

5009 UDP 5009 Unsolicited Data Transfer (alarm, Telephone Directory) 49500 to

49549 TCP

Range Data Services

7011 TCP The 3300 is listening on the 7011 port number by default for ops Data service (MAC, Backup, etc.)

23 telnet TCP 23 Access and upgrade to the sx2000

1606 csmsg – Telephone Directory, Alarm etc.

Page 18: Mitel Call Paths and Ports

Ports used by YA

Port Type Description Host Client

Ports between YA Server and YA client 22 TCP SSH for Web Collaboration YA Server YA Client

23 TCP Telnet for Web Collaboration YA Server YA Client

80 TCP HTTP for Web Collaboration YA Server YA Client

443 TCP HTTP for Web Collaboration YA Server YA Client

1270 TCP Web Collaboration port YA Server YA Client

2114 TCP Client/Server Authentication YA Server YA Client

2115 TCP Licensing Server YA Server YA Client

2116 TCP Telephony Server YA Server YA Client

35000 TCP YA Presence Server YA Server YA Client

37000 TCP Web Collaboration port YA Server YA Client

Ports Between YA server and other

389 TCP LDAP for Active Directory Synch YA Server ADC Server

2117 TCP YA Administration port YA Server Admin Tool

Ports Between YA server and 3300 ICP

8000 TCP MiTAI 3300 ICP YA Server

8001 TCP Secure MiTAI 3300 ICP YA server

18000 TCP MiMXML Server 3300 ICP YA Server

Ports Between YA client and 3300 ICP

6800 TCP Minet Protocol 3300 ICP YA Softphone Client

6801 TCP Secure Minet (SSL) 3300 ICP YA Softphone Client

6802 TCP Secure Minet (AES) 3300 ICP YA Softphone Client

6900 TCP Minet Protocol YA Softphone Client 3300 ICP

5000 to 5414

UDP Voice (RTP) between YA Softphone and E2T (Prior to 3300 R6.0)

3300 ICP YA Softphone Client

9000 UDP Voice (RTP) Channel 1 YA Softphone Client Other YA softphone Client, IP phone or IP Trunk

9002 UDP Voice (RTP) Channel 2 YA Softphone Client Other YA softphone Client, IP phone or IP Trunk

50000- to - 50255

UDP Voice (RTP) between YA Softphone and E2T (Post to 3300 R6.0)

3300 ICP YA Softphone Client