McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 25

↗ View in doc context
page
25
source
cucm/v15/install-guide/install-guide.md
chunk_id
cucm::v15::install-guide::install-guide::20

Firewall Requirements Ensure that you configure your firewall so that connections to port 22 are open, and aren't throttled. During the installation of Unified Communications Manager and IM and Presence subscriber nodes, multiple connections to the Unified Communications Manager publisher node are opened in quick succession. Throttling these connections could lead to a failed installation. For general security considerations, see the Security Guide for Cisco Unified Communications Manager. We recommend that you disable the "Intruder/Intrusion Detection" and/or "Brut Force Attack" features during upgrade and installs because these Firewall features are known to cause upgrades and installations to fail. Note For more information on the port usage, see the chapter 'Cisco Unified Communications Manager TCP and UDP Port Usage' in the System Configuration Guide for Cisco Unified Communications Manager. Ensure that you complete the following firewall updates before pre-installation: • If a firewall is in the routing path between nodes, disable the firewall. • Increase the firewall timeout settings until after you complete the installation. Temporarily allowing network traffic in and out of the nodes (for example, setting the firewall rule for these nodes to IP any/any) does not always suffice. The firewall might still close necessary network sessions between nodes due to timeouts. NTP Status You must verify the NTP status on the publisher node. If the publisher node fails to synchronize with an NTP server, subscriber node installation can fail. On the Unified Communications Manager publisher node, run the utils ntp status CLI command. RTT Requirement Ensure that you verify that the links between servers meet the 80-ms round-trip time (RTT) requirement and that you have enough bandwidth to support database replication. For more information on the 80-ms RTT requirement, see the Cisco Unified Communications Solutions Reference Network Design. NTP Status You must verify the NTP status on the publisher node. If the publisher node fails to synchronize with an NTP server, subscriber node installation can fail. On the Unified Communications Manager publisher node, run the utils ntp status CLI command. Installation Guide for Cisco Unified Communications Manager and the IM and Presence Service, Release 15 and SUs 19 Planning the Installation Firewall Requirements