Port Utilization in Unified CCX - Cisco · Socket.IO Service Thisisthesecureportwhere live-datareportingclientscan connecttosocket.IOserver. CiscoUnified TCP12015 — — Bidirectional

Port Utilization in Unified CCX

• Port Utilization Table Columns, page 1

• Unified CCX Port Utilization, page 2

• Unified IP IVR Port Utilization, page 7

Port Utilization Table ColumnsThe columns in the port utilization tables in this document describe the following:

Listener (Process or Application Protocol)

A value representing the server or application and where applicable, the open or proprietary applicationprotocol.

Listener Protocol and Port

An identifier for the TCP or UDP port that the server or application is listening on, along with the IPaddress for incoming connection requests when acting as a server.

Remote Device (Process or Application Protocol)

The remote application or device making a connection to the server or service specified by the protocol;or listening on the remote protocol and port.

Remote Protocol and Port

The identifier for the TCP or UDP port that the remote service or application is listening on, along withthe IP address for incoming connection requests when acting as the server.

Traffic Direction

The direction that traffic flows through the port: Inbound, Bidirectional, Outbound.

Port Utilization Guide for Cisco Unified Contact Center Express Solutions, Release 11.0(1) 1

The operating system dynamically assigns the source port that the local application or service uses toconnect to the destination port of a remote device. In most cases, this port is assigned randomly aboveTCP/UDP 1024.

Note

Unified CCX Port UtilizationTable 1: Unified CCX Port Utilization

PurposeTrafficdirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

- Echo for Editor

- ICM Controller

Bidirectional—EditorTCP 7SystemService

SFTP and SSH accessBidirectional——TCP 22SystemService

Web accessBidirectional——TCP 80Tomcat(HTTP)

Used for page push to phonefrom the FIPPA Service

Bidirectional—Intracluster communication (seetable note)

TCP 80FIPPA Server

Network time syncBidirectional——UDP 123SystemService

Provide services forSNMP-based managementapplications

Inbound——UDP 161SNMP Agent

Provide RTMT data collecting,logging and alertingfunctionalities (AMC RMIObject Port)

Bidirectional—Intracluster communicationTCP 1090AONManagementConsole(AMC)Service

Provide RTMT data collecting,logging and alertingfunctionalities (AMC RMIRegistry Port)


—Bidirectional——TCP 1994Unified CCX

Port Utilization Guide for Cisco Unified Contact Center Express Solutions, Release 11.0(1)2

Port Utilization in Unified CCXUnified CCX Port Utilization






This is the port where live-datareporting clients can connect tosocket.IO server.

Bidirectional——TCP 12014Cisco UnifiedCCXSocket.IOService

This is the secure port wherelive-data reporting clients canconnect to socket.IO server.

Bidirectional——TCP 12015Cisco UnifiedCCXSocket.IOService

This is the port where the IDSengine listens for DB clients

Bidirectional——TCP 1500DBMON

- This is an alternate port tobring up a second instance ofIDS during upgrade.

- Localhost traffic only


Unified CCX database portBidirectional—External process like HRC,WallBoard Client, External DBclients (like Squirrel or othersfor custom reporting) canconnect

TCP 1504InformixDynamicServer (IDS)

DBL RPC, this is used duringinstallation to set up IDSreplication between nodes

Bidirectional—Intracluster communicationTCP 1515DBL RPC(XML)

Connect to other RISDCservices in the cluster to providecluster-wide real-timeinformation

Bidirectional—Intracluster communicationTCP 2555Real-TimeInformationServer (RIS)Data Collectorservice(RISDC)

Allowed RIS client connectionto retrieve real-time information

Bidirectional—Intracluster communicationTCP 2556RISDC

Provide services to CTIapplications

Bidirectional2748Unified CMTCP 2789JTAPI Client(QBE)

DRF master agent server portaccepts connections from localagent GUI and CLI

Bidirectional—TCP 4040DisasterRecoverySystem (DRS)








SOAP MonitorBidirectional——TCP 5001Real-timeservice

SOAP MonitorBidirectional——TCP 5002Perfmonservice

SOAP MonitorBidirectional——TCP 5003Control centerservice

SOAP MonitorBidirectional——TCP 5004LogCollectionService

SOAP Monitor - atroubleshooting tool for SOAPinfrastructure

Bidirectional——TCP 5007SystemService

Communicatewith SIP gatewayBidirectional—SIP gatewayUDP 5065Engine

OpenFire socket based clientconnection

Bidirectional—Openfire/SMACTCP 5222NotificationService

OpenFire socket based clientconnection

Bidirectional—Openfire/SMACTCP 5443NotificationService

Heartbeats between CVDs inthe cluster

Bidirectional—CVD of other node in clusterTCP 5900CVD

Publish JMS events across JMSnetwork connectors in thecluster

Bidirectional6161InternalTCP 6161CVD

ActiveMQ

RMI PortBidirectional—Engine, Tomcat, CVD, andEditor

TCP 6999CVD

HTTP bindBidirectional—Web BrowserTCP 7071NotificationService

Secure HTTP bindBidirectional—Web BrowserTCP 7443NotificationService

DB change notification portBidirectional—Intracluster communicationTCP 8001DBMON(CN)








-Client browser trying to accessany of the Administrationinterfaces or User Optionsinterface.

-Web services client usingRTMT, configuration APIs, andmobile supervisor applications.

Bidirectional—Client BrowserTCP 8080Tomcat(HTTP)

Client browser trying to accessthe Cisco Unified IntelligenceCenter web interface

Bidirectional—Client BrowsersTCP 8081Cisco UnifiedIntelligenceCenter Tomcat(HTTP)

HTTP port to access CiscoFinesse Tomcat webapplications.

Cisco FinesseAgent/SupervisorDesktop and CiscoFinesse AdministrationConsole accessed usingport 8082 isautomaticallyredirected to port 8445.

Note

Bidirectional—Cisco Finesse Agent/SupervisorDesktop, Cisco FinesseAdministration Console, andREST APIs

TCP 8082Cisco FinesseTomcat(HTTP)

- Client browser trying to accessany of the Administrationinterfaces or User Optionsinterface

- Web services client usingRTMT, configuration APIs, andmobile supervisor applications

Bidirectional—Client BrowserTCP 8443Tomcat(HTTPs)

Client browser trying to accessthe Cisco Unified IntelligenceCenter web interface

Bidirectional—Client BrowsersTCP 8444Cisco UnifiedIntelligenceCenter Tomcat(HTTPs)

Secured HTTP port to accessCisco Finesse Tomcat webapplications.

Bidirectional—Cisco Finesse Agent/SupervisorDesktop, Cisco FinesseAdministration Console, andREST APIs

TCP 8445Cisco FinesseTomcat(HTTPs)








Cluster replication of platformdata (hosts) certificates. Uses aproprietary protocol.

Bidirectional——UDP 8500IPSecManagerdaemon

Connectivity testing. Uses aproprietary protocol.

Bidirectional——TCP 8500IPSecManagerdaemon

- Tomcat instance used byUnified CCX engine

- Clients trying to access HTTPtriggers or documents / prompts/ grammars / live data

Bidirectional——TCP 9080Engine

- Secure port used by Tomcatinstance

- Used by live-data client forauthentication


CTI ServerBidirectional——TCP 12028Unified CCXEngine, CiscoMobileSupervisor

- Audio media streaming

- Kernel streaming device driver

Bidirectional——UDP 24576 ~32767

Cisco IP VoiceMediaStreamingapplication(RTP RTCP)

Generic ephemeral TCP ports(see table note)

Bidirectional——TCP 32768 ~61000

Generic ephemeral UDP ports(see table note)


Provides an interface to controlAgent Desktop over a customprotocol.

Bidirectional—Custom applicationUDP 58000

Notification Service—ActiveMQ OpenWire transportconnector

Bidirectional—Chat applicationsTCP 61616NotificationService

ActiveMQ



Table Notes

1 Intracluster communication in the table represents communication between Unified CCX servers in acluster.

2 TCP Ephemeral ports are used to accept connections during Java RMI communication. Java RMI clientsknowwhich port it need to connect, because RMI first connects to RMI Registry (well-known port - 6999)and get the information which ephemeral port client need to connect to Unified

CCXAdministration page, Engine and CVD use RMI communication in CCX/IP-IVR, so TCP ephemeralport range is opened up for intracluster communication between these processes.

3 UDP Ephemeral ports are used to receive audio/video RTP streams; so UDP Ephemeral port range isopened for incoming connections for streaming RTP media from CTI ports.

4 Port 38983 is open only on Unified CCX systems that were upgraded from versions earlier than 9.0(1).

Unified IP IVR Port UtilizationTable 2: Cisco Unified IP IVR Port Utilization






- Echo for Editor

- ICM Controller

Bidirectional—EditorTCP 7SystemService

SFTP and SSH accessBidirectional——TCP 22SystemService

Web accessBidirectional——TCP 80Tomcat(HTTP)

Network time syncBidirectional——UDP 123SystemService

Provide services forSNMP-based managementapplications

Inbound——UDP 161SNMP Agent

Web accessBidirectional—Client BrowserTCP 443Tomcat

Provide RTMT data collecting,logging and alertingfunctionalities (AMC RMIObject Port)

Bidirectional—Intracluster communication (seetable note 1)

TCP 1090AONManagementConsole(AMC)Service


Port Utilization in Unified CCXUnified IP IVR Port Utilization

/li1014






Provide RTMT data collecting,logging and alertingfunctionalities (AMC RMIRegistry Port)


This is the port where the IDSengine listens for DB clients


- This is an alternate port tobring up a second instance ofIDS during upgrade.

- Localhost traffic only


Unified IP IVR database portBidirectional—External process like HRC,WallBoard Client, External DBclients (like Squirrel or othersfor custom reporting) canconnect

TCP 1504InformixDynamicServer (IDS)

DBL RPC, this is used duringinstallation to set up IDSreplication between nodes

Bidirectional—Intracluster communicationTCP 1515DBL RPC(XML)

—Bidirectional——TCP 1994Unified IPIVR ClusterView Daemon(CVD)

Connect to other RISDCservices in the cluster to providecluster-wide real-timeinformation

Bidirectional—Intracluster communicationTCP 2555Real-TimeInformationServer (RIS)Data Collectorservice(RISDC)

Allowed RIS client connectionto retrieve real-time information

Bidirectional—Intracluster communicationTCP 2556RISDC

Provide services to CTIapplications

Bidirectional2748Unified CMTCP 2789JTAPI Client(QBE)

DRF master agent server portaccepts connections from localagent GUI and CLI

Bidirectional——TCP 4040DisasterRecoverySystem (DRS)








Using this port Unified ICMSubsystem listens toGED-125Clients. This port ismodifiable

Bidirectional—Unified ICMTCP 5000Unified IPIVR Engine

SOAP MonitorBidirectional——TCP 5001Real-timeservice

SOAP MonitorBidirectional——TCP 5002Perfmonservice

SOAP MonitorBidirectional——TCP 5003Control centerservice

SOAP MonitorBidirectional——TCP 5004LogCollectionService

SOAP Monitor - atroubleshooting tool for SOAPinfrastructure

Bidirectional——TCP 5007SystemService

Heartbeats between CVDs inthe cluster

Bidirectional—CVD of other node in clusterTCP 5900CVD

Publish JMS events across JMSnetwork connectors in thecluster (ActiveMQ)

Bidirectional6161Intracluster communicationonly

TCP 6161CVD

RMI PortBidirectional—Engine, Tomcat, CVD, andEditor

TCP 6999CVD

DB change notification port.Bidirectional—Intracluster communicationTCP 8001DBMON(CN)

-Client browser trying to accessany of the Administrationinterfaces or User Optionsinterface.

Web services client usingRTMT, configuration APIs, andmobile supervisor applications.

Bidirectional—Client BrowserTCP 8080Tomcat(HTTP)

To access the FinesseAdministration page andFinesse Agent Desktop.

Bidirectional—Client BrowserTCP 8082FinesseTomcat(HTTP)








DB access via SOAP; Tomcatforwards the SOAP request toAXL

Bidirectional——TCP 8443Tomcat

- Client browser trying to accessany of the Administrationinterfaces or User Optionsinterface

- Web services client usingRTMT, configuration APIs, andmobile supervisor applications

Bidirectional—Client BrowserTCP 8443Tomcat(HTTPS)

Cluster replication of platformdata (hosts) certificates etc.Uses a proprietary protocol.

Bidirectional——UDP 8500IPSecManagerdaemon

Connectivity testing. Uses aproprietary protocol.

Bidirectional——TCP 8500IPSecManagerdaemon

- Tomcat instance used byUnified CCX engine

- Clients trying to access HTTPtriggers or documents / prompts/ grammars


- Audio media streaming. -Kernel streaming device driver


Cisco IP VoiceMediaStreamingapplication(RTP RTCP)

Generic ephemeral TCP ports(see table note 2)

Bidirectional——TCP 32768 ~61000

—

Generic ephemeral UDP ports(see table note 3)


—

Table Notes

1 Intracluster communication in the table represents communication between Unified IP IVR servers in acluster.

2 TCP Ephemeral ports are used to accept connections during Java RMI communication. Java RMI clientsknowwhich port it need to connect, because RMI first connects to RMI Registry (well-known port - 6999)



/li1015

/li1016

and get the information which ephemeral port client need to connect to. AppAdmin, Engine and CVD useRMI communication in CCX/IP-IVR, so TCP ephemeral port range is opened up for intraclustercommunication between these processes.

3 UDP Ephemeral ports are used to receive audio/video RTP streams; so UDP Ephemeral port range isopened for incoming connections for streaming RTP media from CTI ports.





Documents

Port Utilization in Unified CCX - Cisco · Socket.IO Service Thisisthesecureportwhere live-datareportingclientscan connecttosocket.IOserver. CiscoUnified TCP12015 — — Bidirectional