Network technologies and trends

Sep 11 2012   5:01AM GMT

How To Configure a Cisco ASA 5540 firewall for Video Conferencing for Polycom device?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan


Recently we were asked to configure the Polycom device to have video conferencing with external world. Our Polycom device is behind a Cisco ASA 5540 firewall as shown in the below network layout.

In order to permit H.323 video conferencing you need to follow the following steps


Step 1


Define static NAT rules


In the above example we will create a NAT rule for the external IP address to the internal IP address (assigned to Polycom device) using the following Cisco IOS command in ASA firewall.

static (inside,outside) netmask


Step 2

 Create an access list to allow access to polycom device from external network, we need to allow the following ports tcp/udp to enable to video conferencing and apply the same to outside interface

H323 -udp

1720 – tcp

3230 3285 – tcp


access-list Outside_In remark Allow traffic going to polycom device

access-list Outside_In extended permit udp any host eq 1720

access-list Outside_In extended permit tcp any host eq h323

access-list Outside_In extended permit udp any host range 3230 3285

access-list Outside_In extended permit tcp any host range 3230 3243


access-group Outside_In in interface outside



Step 3

Create the Access list which will allow traffic to traverse the ASA firewall from Internal to External network, repeat the steps above, but ensure the Interface: is set to inside as shown below.

access-list Inside_In remark Allow Traffic form polycom device to outside

access-list Inside_In extended permit udp host any range 3230 3285

access-list Inside_In extended permit tcp any host eq h323

access-list Inside_In extended permit tcp host any range 3230 3242

access-group Inside_In in interface inside

By following the above three steps you can enable video conference to any polycom device behind the ASA firewall.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: