Example Show: How to Configure a Cisco ASA 5540 for Video Conferencing for Polycom Device?

Posted on November 8, 2012 by | 0 Comments
2023 SEASON SALE Networking and Security Showcase In-stock ICT products at exclusive discounts

Here we were asked to configure the Polycom device to have video conferencing with external world. Our Polycom device is behind a Cisco ASA 5540 firewall as shown in the below network layout.

Configure a Cisco ASA 5540 for Video Conferencing for Polycom Device

In order to permit H.323 video conferencing you need to follow the following steps

Step 1

Define static NAT rules

In the above example we will create a NAT rule for the external IP address 192.168.0.3 to the internal IP address 10.0.0.2 (assigned to Polycom device) using the following Cisco IOS command in ASA firewall.

static (inside,outside) 192.168.0.3 10.0.0.2 netmask 255.255.255.255

Step 2

Create an access list to allow access to polycom device from external network, we need to allow the following ports tcp/udp to enable to video conferencing and apply the same to outside interface

H323 -udp

1720 – tcp

3230 3285 – tcp

access-list Outside_In remark Allow traffic going to polycom device

access-list Outside_In extended permit udp any host 192.168.0.3 eq 1720

access-list Outside_In extended permit tcp any host 192.168.0.3 eq h323

access-list Outside_In extended permit udp any host 192.168.0.3 range 3230 3285

access-list Outside_In extended permit tcp any host 192.168.0.3 range 3230 3243

access-group Outside_In in interface outside

Step 3

Create the Access list which will allow traffic to traverse the ASA firewall from Internal to External network, repeat the steps above, but ensure the Interface: is set to inside as shown below.

access-list Inside_In remark Allow Traffic form polycom device to outside

access-list Inside_In extended permit udp host 10.0.0.2 any range 3230 3285

access-list Inside_In extended permit tcp any host 10.0.0.2 eq h323

access-list Inside_In extended permit tcp host 10.0.0.2 any range 3230 3242

access-group Inside_In in interface inside

By following the above three steps you can enable video conference to any polycom device behind the ASA firewall.

Reference from: https://itknowledgeexchange.techtarget.com

More Cisco ASA Tutorials:

Eight Commands on a Cisco ASA Security Appliance You Should Know

VLAN Sub-Interfaces on Cisco ASA 5500 Firewall Configuration

Cisco ASA 5500 Family, Key Component of the Cisco Secure Borderless Network

How to Configure Cisco ASA 5505 Firewall?

How to Connect a Remote Office to Cisco ASA 5510?

Share This Post

Related Posts

  • Cisco SMARTnet Services: 7 Types for Enhanced Technical Support

    Cisco SMARTnet Services: 7 Types for Enhanced Technical Support

  • Embracing All-Intelligence Networking: Huawei’s AI Initiatives in the Net5.5G Landscape

    Embracing All-Intelligence Networking: Huawei’s AI Initiatives in the Net5.5G Landscape

  • Cisco Strengthens Cloud Networking and Security with Isovalent Acquisition

    Cisco Strengthens Cloud Networking and Security with Isovalent Acquisition

  • Huawei Redefines Campus Networking with Cutting-Edge Wi-Fi 7 Technology

    Huawei Redefines Campus Networking with Cutting-Edge Wi-Fi 7 Technology

Post Comment