Filter
Top Products
Copyright © 2001 Cisco Systems, Inc. Page 11 of 11
deny option in an access-list command statement, PIX Firewall discards the packet and
generates the following syslog message:
%PIX-4-106019: IP packet from source_addr to destination_addr, protocol protocol
received from interface interface_name deny by access-group acl_ID
Always use the access-list command with the access-group command.
Typical Ports used for H.323 traffic
Port
Protocol
Description
Terminal
MCU
Gateway
Gatekeeper
1300
TCP
H.235 secure signaling
X
X
X
1503
TCP
T.120 Data
X
X
X
1718
UDP
Gatekeeper discovery
X
X
X
X
1719
UDP
Gatekeeper RAS
X
X
X
X
1720
TCP
H.323 call set-up
X
X
X
1731
TCP
Audio call control
X
X
X
1820
TCP
Cisco IP/VC GW
X
2720
TCP
Cisco IP/VC MCU
X
1024-65535
TCP
H.245
X
X
X
1024-65535
UDP
RTP (video)
X
X
X
1024-65535
UDP
RTP (audio)
X
X
X
1024-65535
UDP
RTCP (control)
X
X
X
Helpful Links
Cisco Secure PIX Configuration Forms
http://www/univercd/cc/td/doc/product/iaabu/pix/pix_60/config/cfgforms.htm
Performance of PIX in H.323
http://wwwin.cisco.com/cmc/cc/pd/fw/sqfw500/tech/h3prf_in.pdf
Microsoft’s How to Establish NetMeeting Connections Through a Firewall
http://support.microsoft.com/support/kb/articles/Q158/6/23.asp?LN=EN-US&SD=g
Cisco's PIX Firewall and Stateful Firewall Security
http://www/warp/public/cc/pd/fw/sqfw500/tech/nat_wp.htm
Other Cisco Secure PIX Firewall configuration examples
http://www.cisco.com/warp/customer/707/index.shtml - pix
PIX Top Issues
http://www.cisco.com/warp/customer/110/top_issues/pix/pix_index.shtml
Pix Support Page
http://www.cisco.com/cgi-bin/Support/PSP/psp_view.pl?p=Hardware:PIX
How NAT Works
http://www.cisco.com/warp/public/556/nat-cisco.shtml