[cisco-voip] semi OT: Remote user ASA Lan to LAN options
Jason Aarons (US)
jason.aarons at us.didata.com
Tue Feb 6 14:45:51 EST 2007
Get a second public ip address and buy the Meteros (Cisco) SCCP Proxy!
Regular voice isn't encrypted today and easily listenable on PSTN with
any butt set. This way you don't have house calls about IPSEC tunnel
problems and VPN3 design issues.
Keep It Simple and Stupid. I can't imagine how much a bunch of ASA-5505
would cost for every site with 7900 Phones, much along the TCO of having
IPSEC tunnels.
I saw a cool demo at VoiceCon last year from Avaya, handsets used public
ip addresses with SSL/https for call control/rtp over the Internet, they
claimed it was easier than CTLs.
For refence the TeleWorker SRND only supports the 8XX. Wonder if they
will update it for this new ASA?
From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Voll, Scott
Sent: Tuesday, February 06, 2007 2:34 PM
To: Craig M Staffin
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] semi OT: Remote user ASA Lan to LAN options
Now my second question is...... is it better to terminate this user on a
VPN Concentrator or on a Pix OS 7.2 if I'm using Easy VPN?
Scott
________________________________
From: Craig M Staffin [mailto:cmstaffin at ra.rockwell.com]
Sent: Tuesday, February 06, 2007 11:24 AM
To: Voll, Scott
Cc: cisco-voip at puck.nether.net; cisco-voip-bounces at puck.nether.net
Subject: Re: [cisco-voip] semi OT: Remote user ASA Lan to LAN options
Scott,
I would use DMVPN as long as you have a static IP back at the main site.
Easy VPN would also work for a single remote user setup
This should do what you need to do.
Craig
"Voll, Scott" <Scott.Voll at wesd.org>
Sent by: cisco-voip-bounces at puck.nether.net
02/06/2007 01:19 PM
To
<cisco-voip at puck.nether.net>
cc
Subject
[cisco-voip] semi OT: Remote user ASA Lan to LAN options
So we just purchased a ASA5505 for a remote user to connect back to the
main site.
The idea was to do a LAN to LAN IPSEC tunnel. But since this is Comcast
(cable broadband) and they don't do static IP's I'm trying to figure out
how to go about this. My second thought is that since we will have a
SCCP IP phone behind it I can do a Dynamic VPN connection and since it's
SCCP then It will be sending keepalives to the CM the VPN connection
will stay up. Would this be correct?
Does anyone already do this? What are you doing?
Any other thoughts?
TIA
Scott_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-----------------------------------------
Disclaimer:
This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the
designated addressee(s) named above only. If you are not the
intended addressee, you are hereby notified that you have received
this communication in error and that any use or reproduction of
this email or its contents is strictly prohibited and may be
unlawful. If you have received this communication in error, please
notify us immediately by replying to this message and deleting it
from your computer. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20070206/be5208e4/attachment.html
More information about the cisco-voip
mailing list