Security, Firewall and Network Address Translation (NAT)
PreviousNext

The Report Tool supports NAT in the following topology:

Report 




Tool for Cisco UC - NAT

The following table outlines the report availability and limitations if there is not full access. For example, if the Report Tool is run on a laptop that is outside the firewall, the firewall translates the following:

FireWall Rule #

FW Rule Name

IP Outside

Port Outside

IP Inside

Port Inside

1

CUCM AXL

IP_FW

FW-Port-AXL

IP_Publisher

443

2

CUCM SSH

IP_FW

FW-Port-SSH

IP_Publisher

22

CUCM Configuration reports:

CUPS Configuration reports:

Phone Inventory reports:

Unity Connection reports:

Unity connection reports require 2 entries on the firewall:

Please note that the Services Status table will access the Primary and Standby server on the entered IP address with HTTPS on port 8443. There is currently no option to change this port, so this port must be present on the firewall and must be translated to the SERVER_IP:8443. For several servers, the firewall requires several IP addresses.

CER reports:

Cisco Emergency Responder connection reports require one on the firewall:

Please note that the Service Status table will access the Primary and Standby server on the entered IP address with HTTPS on port 8443. There is currently no option to change this port, so this port must be present on the firewall and must be translated to the SERVER_IP:8443. For several servers, the firewall requires several IP addresses.

UCCX reports:

UCCX reports require 2 entries on the firewall:

Please note that the Service Status table will access the Primary and Standby server on the entered IP address with HTTPS on port 443. There is currently no option to change this port, so this port must be present on the firewall and must be translated to the SERVER_IP:443. For several servers, the firewall requires several IP addresses.

To report on scripts via the Cisco UCCX Script Editor, please make sure the Cisco UCCX Script Editor can access the script repository on the UCCX server without the Report Tool. An entry for the Java RMI port (default is TCP 6978, which can be changed on UCCX Administration settings) is required for the firewall. No port translation support is included in the Report Tool, so a firewall rule needs to be added to translate the IP address by keeping the RMI TCP port number as defined on UCCX.

 

Please note that https TCP port 443 is used to access the CUCM AXL API which also runs on TCP port 8443.

 

 


 


© 2009-2020 www.uplinx.com. Last updated 5 Aug 2020.