Manualshelf

Specifications

ManualsBrandsAcard ManualsMusical equipmentARS-2051F
31323334353637383940
MBG Engineering Guidelines, Release 8.0
7 Additional Application Requirements
MBG allows the use of several supported applications from remote sites, just as it allows use of IP phones.
When MBG is deployed in the DMZ of a third-party firewall, that firewall must be configured to allow connections
from these applications.
This section, plus the common rules in Firewalls (DMZ deployment) on page 15, gives a minimum configuration
for each supported application. Refer to Appendix A: Firewall Configuration Reference for the full set of firewall
rules.
7.1 Unified Communicator Advanced (UCA) v4.0+
Warning: MBG 7.0 required a port-forwarding rule for port 36008 that directed traffic to the UCA server.
After upgrading to MBG 7.1 or higher, this rule must be removed from the MSL Port Forwarding panel.
The following additional rules are required, excluding the UCA softphones:
From the Internet to the MBG server:
allow protocol TCP, destination ports 5269, 36005 – 36008 (inclusive)
From the MBG server to the LAN:
allow protocol TCP, destination ports 80, 443, 5060, 5269, 36008
Note: When UCA server is behind MBG, remote UCA clients require access via Web Proxy for UCA 5.1
and above. See 7.3Web Proxy for additional firewall rules.
UCA clients also include MiNet and SIP softphones. For additional firewall rules covering the UCA softphones
see 4.3 Firewall Configuration for Remote MiNet Devices and 4.4 Configuring MBG for Remote SIP Devices.
MBG 8.0 includes two additional connectors to help with specific kinds of UCA SIP softphone connectivity issues
that may be experienced in some deployments due to improper handling of SIP UDP by some NAT firewalls.
These MBG connectors allow the configuration on selected UCA SIP softphones to be changed from SIP UDP
signaling to use SIP TCP or SIP TLS signaling (TLS preferred). When the selected UCA SIP softphone connects
to MBG on TCP or TLS from the Internet, the MBG bridges it internally to the SIP UDP connector used by default
for the unmodified UCA SIP softphones.
The following additional rules are required for UCA SIP softphone signaling over TCP or TLS:
From the Internet to the MBG server:
allow protocol TCP, destination ports 5060, 5061
7.2 Mitel Contact Center
The following additional rules are required:
From the Internet to the MBG server:
allow protocol TCP, destination ports 35001 – 35008 (inclusive), 36000 – 36004 (inclusive)
From the MBG server to the LAN:
allow protocol TCP, destination ports 80, 443, 1443, 5024 – 5026 (inclusive), 5030, 7001, 7003, 8083,
8084, 8188, 42440
28