Overview
While provisioning Polycom phones after installation, the phones cannot be updated remotely. Polycom phones require specific ports to be opened in order to deliver Polycom software updates.
This article provides information on how to change the Kerio Control firewall configuration for such a scenario.
Solution
Polycom phones use specific sets of ports to establish communication between Polycom servers and onsite physical phones. Kerio Control has a pre-configured set of services that are matching Polycom configuration. The only ports that need to be specified manually are:
- Syslog (TCP 1468)
- H.323 RAS Signaling (UDP 1719)
- RTP (2222)
- RTCP (2223)
- PDC (TCP 24800)
All other ports can be combined into the Polycom service group.
After a service group is added, create a separate Traffic rule with the following values:
- Source: <Polycom_Phone_IP_address>
- Destination: Internet Interfaces
- Service: Polycom (group), TCP 1468 and 24800, UDP 1719, 2222 and 2223
- Action: Allow
- Translation: NAT Balancing per host