Example Show: How to Configure a Cisco ASA 5540 for Video Conferencing for Polycom Device?

Posted on November 8, 2012 by | 0 Comments
Unlock Best Pricing with In-stock, Ready-to-Ship Products

Here we were asked to configure the Polycom device to have video conferencing with external world. Our Polycom device is behind a Cisco ASA 5540 firewall as shown in the below network layout.

Configure a Cisco ASA 5540 for Video Conferencing for Polycom Device

In order to permit H.323 video conferencing you need to follow the following steps

Step 1

Define static NAT rules

In the above example we will create a NAT rule for the external IP address 192.168.0.3 to the internal IP address 10.0.0.2 (assigned to Polycom device) using the following Cisco IOS command in ASA firewall.

static (inside,outside) 192.168.0.3 10.0.0.2 netmask 255.255.255.255

Step 2

Create an access list to allow access to polycom device from external network, we need to allow the following ports tcp/udp to enable to video conferencing and apply the same to outside interface

H323 -udp

1720 – tcp

3230 3285 – tcp

access-list Outside_In remark Allow traffic going to polycom device

access-list Outside_In extended permit udp any host 192.168.0.3 eq 1720

access-list Outside_In extended permit tcp any host 192.168.0.3 eq h323

access-list Outside_In extended permit udp any host 192.168.0.3 range 3230 3285

access-list Outside_In extended permit tcp any host 192.168.0.3 range 3230 3243

access-group Outside_In in interface outside

Step 3

Create the Access list which will allow traffic to traverse the ASA firewall from Internal to External network, repeat the steps above, but ensure the Interface: is set to inside as shown below.

access-list Inside_In remark Allow Traffic form polycom device to outside

access-list Inside_In extended permit udp host 10.0.0.2 any range 3230 3285

access-list Inside_In extended permit tcp any host 10.0.0.2 eq h323

access-list Inside_In extended permit tcp host 10.0.0.2 any range 3230 3242

access-group Inside_In in interface inside

By following the above three steps you can enable video conference to any polycom device behind the ASA firewall.

Reference from: https://itknowledgeexchange.techtarget.com

More Cisco ASA Tutorials:

Eight Commands on a Cisco ASA Security Appliance You Should Know

VLAN Sub-Interfaces on Cisco ASA 5500 Firewall Configuration

Cisco ASA 5500 Family, Key Component of the Cisco Secure Borderless Network

How to Configure Cisco ASA 5505 Firewall?

How to Connect a Remote Office to Cisco ASA 5510?

Share This Post

Related Posts

  • Using IPQ4019 VS IPQ4018 as an example – how to choose a suitable WiFi solution for IIOT?

    Using IPQ4019 VS IPQ4018 as an example – how to choose a suitable WiFi solution for IIOT?

  • Cisco GLC-LH-SMD SFP Transceiver Module: Seamless Connectivity for Your Network

    Cisco GLC-LH-SMD SFP Transceiver Module: Seamless Connectivity for Your Network

  • Spending on cloud computing and storage infrastructure will increase by nearly 15% year-on-year in Q1 2023

    Spending on cloud computing and storage infrastructure will increase by nearly 15% year-on-year in Q1 2023

  • What’s the Difference between HTTPS Port 443 and Port 8443?

    What’s the Difference between HTTPS Port 443 and Port 8443?

Post Comment