[cisco-voip] IOS access-lists to hidecallmanager/unity/personalassistant?

[Ray Burkholder]

The only issue with this is that there is a recommendation out there to make
the server join the domain when one wants to access SQL directly for
generating reports, otherwise one gets into SQL authentication issues, of
which I've forgotten all the in's and out's, but is/was something I've been
struggling with.  Unless someone else has some good suggestions as to how to
get to SQL from domain workstations for the benefit of generating custom
reports.

  _____  

From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Matt Slaga (US)
Sent: Friday, October 13, 2006 14:01
To: Voigt Thomas; cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] IOS access-lists to
hidecallmanager/unity/personalassistant?


I would strongly suggest that you keep your cisco servers (outside of unity)
in a workgroup.  If you look at all of your upgrade requirements, you have
to remove and readd the server to the domain for each upgrade.  If you are
lucky you have access to add/remove machines to a domain, if not you have to
use a server engineer with any upgrade.  TAC can also ask you to remove the
server from a domain in troubleshooting issues.
 
The "benefits" you receive from adding a cisco server to a domain do not add
up to the benefits of keeping it out of the domain.

  _____  

From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Voigt Thomas
Sent: Friday, October 13, 2006 8:40 AM
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] IOS access-lists to hide
callmanager/unity/personalassistant?



Hi all! 

Has anyone experiences with IOS access-lists to hide the Cisco servers from
the other clients in the net? 

Our server guys tell us to migrate our servers to their active directory
(which should be no problem) and also to their 

security concept which includes distributing Microsoft patches to the
servers. This is not allowed by Cisco. 

So we have to hide our Cisco gear with access lists to have only contact
with the ip phones and other neccessary 
communications. 

I know that there are documents at CCO that document the ports used by CCM,
UNITY and PA. But are there 
access lists anywhere which we could use? 


-- 
With kind regards 

Thomas Voigt 
  


-- 
Scanned for viruses & dangerous content at One Unified
<http://www.oneunified.net>  and is believed to be clean. 


  _____  

Disclaimer: This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the designated
addressee(s) named above only. If you are not the intended addressee, you
are hereby notified that you have received this communication in error and
that any use or reproduction of this email or its contents is strictly
prohibited and may be unlawful. If you have received this communication in
error, please notify us immediately by replying to this message and deleting
it from your computer. Thank you. 


-- 
Scanned for viruses & dangerous content at One Unified
<http://www.oneunified.net>  and is believed to be clean. 

-- 
Scanned for viruses and dangerous content at 
http://www.oneunified.net and is believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20061013/67967423/attachment.html