[cisco-voip] WebDialer and Outlook

Simon, Bill BillS at tns.its.psu.edu
Wed Aug 17 13:16:31 EDT 2005 

RE:  Reverse proxying
 
This is a good solution for CCMUser pages.  We use it here--one machine has
two interfaces, one on the public/data vlan, and one on the voice vlan, and
it runs a proxy software.  Users connect via HTTP to this machine and it
proxies requests through to the CallManager.  In this way, users do not have
any sort of direct access to CCM.
 
You can do this for the CCMAdmin pages too.
 
We were not successful in implenting this for Unity or CRA web sites.  These
use popups and links with absolute URLs, which the proxy does not translate.
Plus the CRA system, which we are using for ACD, requires a client-side SQL
access tool for supervisor access to the ACD stats, and we haven't found a
way to proxy that either.
 

  _____  

From: Lelio Fulgenzi [mailto:lelio at uoguelph.ca] 
Sent: Wednesday, August 17, 2005 12:37 PM
To: Tech Guy; Bradley Bieth
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] WebDialer and Outlook


If access to CCM user pages is your only concern, then you might want
consider a reverse proxy. We have that installed and it works very well. You
have to do a bit more work in getting it to work with HTTPS, but it will
still work.
 
For other application such as softphone, etc, you will need direct access,
but seeing that IIS is under so much attack, I would almost use both -
direct access for applications and proxy access for ccmuser pages. 
 
We have not got the reverse proxy working for Unity user pages but we also
haven't spent much time there either.
 
----------------------------------------------------------------------------
----
Lelio Fulgenzi, B.A.
Network Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
"I had a coffee and Coke at lunch today...and now, I've got more jitter than
an
IP phone on a long haul 10base2 connection"
LFJ

----- Original Message ----- 
From: Tech Guy <mailto:techguy at gmail.com>  
To: Bradley Bieth <mailto:bbieth at pacific.edu>  
Cc: cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net>  
Sent: Wednesday, August 17, 2005 12:32 PM
Subject: Re: [cisco-voip] WebDialer and Outlook

I think most people do have seperate vlans for voice and data, many
people do limit pc's from accessing the callmanagers, I have asked
about this before and it seems obvious you dont want your pc's
accessing callmanagers but then I have asked what the point of having
"CCMUser" page?  Most of our users use the CCMUser page, so they need
to access the callmanagers.

In this case I guess our voice and data vlans, despite being different
are not doing us much good security wise.  However, the voice vlan
will run a separate spanning tree so that if a PC has a virus and
loads up the data VLAN, the voice vlan may not be affected. Also, its
better for QOS to keep a separate Voice vlans.

I have the same concerns as you about our vlans, but not sure what to
do about the fact our users need access to CCMUser.




On 8/17/05, Bradley Bieth <bbieth at pacific.edu <mailto:bbieth at pacific.edu> >
wrote:
> What are the security risk in regards to user computers accessing the
voice
> vlan to make these calls? It sounds that the personal computer sends the
> dialing information to CCM via the IP address and then CCM dials that
> number. In our network diagram we have the call managers on a separate
voice
> vlan and we have ACL's setup to allow only those specific machine access
to
> that vlan.
>  
> Do other user have this same setup? How do you get around personal PC's
> accessing call managers?
>  
> Thanks
> Brad
> bbieth at pacific.edu <mailto:bbieth at pacific.edu> 
>  
> Bradley Bieth
> Network Engineer I
> Telecommunications
> University of the Pacific
> bbieth at pacific.edu <mailto:bbieth at pacific.edu> 
> (209) 946-3953
> 
> >>> "Court Schuett" <cschuett at hfsnorthamerica.com
<mailto:cschuett at hfsnorthamerica.com> > 8/17/2005 8:40:32 AM >>>
> 
> Thanks for the help.  That must have been it because it is working like
> a champ now.  Have to say, that's a pretty cool feature.  Thanks!
> 
> Court Schuett
> 
> 630-909-5560
> cschuett at hfsna.com <mailto:cschuett at hfsna.com> 
> -----Original Message-----
> From: Tech Guy [mailto:techguy at gmail.com] 
> Sent: Tuesday, August 16, 2005 4:17 PM
> To: Court Schuett
> Cc: cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> Subject: Re: [cisco-voip] WebDialer and Outlook
> 
> Make sure you have the correct username and password.  Log into
> CCMUser to confirm the username and password is working.
> 
> Make sure in Global Directory the user has the phone setup as the
> controlled device, and that "Enable CTI Application Use" is checked.
> 
> I ran into this on one user I set it up for and it was a combination
> of wrong password, and not having enable CTI checked.
> 
> On another user I simply had to reboot for some reason.
> 
> Hope that helps,
> Dane
> 
> 
> On 8/16/05, Court Schuett <cschuett at hfsnorthamerica.com
<mailto:cschuett at hfsnorthamerica.com> > wrote:
> > I'm having problems as well.  I installed it and configured everything
> > in it correctly.  However, when I go to the Dialing Properties in
> > Outlook, I don't see an option for it.  All I see are:
> > My Modem
> > IPCONFLINE
> > H323 Line
> > 
> > Outlook 2003
> > Exchange 2003
> > Call Manager 4.0(1)sr2a
> > 
> > Any ideas?
> > 
> > Thanks!
> > 
> > Court Schuett
> > 
> > 630-909-5560
> > cschuett at hfsna.com <mailto:cschuett at hfsna.com> 
> > -----Original Message-----
> > From: cisco-voip-bounces at puck.nether.net
<mailto:cisco-voip-bounces at puck.nether.net> 
> > [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of
> Ortiz, Carlos
> > Sent: Tuesday, August 16, 2005 2:26 PM
> > To: Tech Guy; cisco-voip at puck.nether.net
<mailto:cisco-voip at puck.nether.net> 
> > Subject: RE: [cisco-voip] WebDialer and Outlook
> > 
> > I tried on day to get the Web dialer working but was unsuccessful.  Do
> > you have a specific link/guide that you used.  If you can send it back
> I
> > would appreciate it.
> > 
> > Carlos
> > 
> > -----Original Message-----
> > From: cisco-voip-bounces at puck.nether.net
<mailto:cisco-voip-bounces at puck.nether.net> 
> > [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of
> Tech Guy
> > Sent: Tuesday, August 16, 2005 2:34 PM
> > To: cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> > Subject: Re: [cisco-voip] WebDialer and Outlook
> > 
> > Humm.. care to expand on this?  I am unsure what you are referring to
> > when you say "use the cisco tsp" ?
> > 
> > Dane
> > 
> > On 8/16/05, Wes Sisk <wsisk at cisco.com <mailto:wsisk at cisco.com> > wrote:
> > > use the cisco TSP to allow dialing from OL address book.
> > >
> > > /Wes
> > >
> > > -----Original Message-----
> > > From: cisco-voip-bounces at puck.nether.net
<mailto:cisco-voip-bounces at puck.nether.net> 
> > > [mailto:cisco-voip-bounces at puck.nether.net]On Behalf Of
> Tech Guy
> > > Sent: Tuesday, August 16, 2005 2:04 PM
> > > To: cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> > > Subject: [cisco-voip] WebDialer and Outlook
> > >
> > >
> > > I am reading this cisco press book "Cisco CallManager Best
> Practices"
> > > and on page 343 it talks about the WebDialer and the ability to have
> a
> > > Microsoft Outlook address book add-in.
> > >
> > > I am curious if something like this is out there for free or what?
> I
> > > was playing with the webdialer today for the first time, and it was
> > > limited to the global directory.  Just wondering what others have
> done
> > > if anything with the webdialer.
> > >
> > > _______________________________________________
> > > cisco-voip mailing list
> > > cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> > > https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 
> > >
> > >
> > 
> > _______________________________________________
> > cisco-voip mailing list
> > cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> > https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 
> > 
> > _______________________________________________
> > cisco-voip mailing list
> > cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> > https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 
> > 
> > _______________________________________________
> > cisco-voip mailing list
> > cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> > https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 
> >
> 
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 
> 
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
> https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 
> 
> 
>

_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net <mailto:cisco-voip at puck.nether.net> 
https://puck.nether.net/mailman/listinfo/cisco-voip
<https://puck.nether.net/mailman/listinfo/cisco-voip> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20050817/60ef2260/attachment-0001.html

More information about the cisco-voip mailing list