[cisco-voip] IOS access-lists tohidecallmanager/unity/personalassistant?

Matt Slaga (US) Matt.Slaga at us.didata.com
Mon Oct 16 09:22:04 EDT 2006 

The best way to allow direct sql access is to enable mixed mode
authentication (SA and Windows Authentication).  

________________________________

From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Ray Burkholder
Sent: Friday, October 13, 2006 1:06 PM
To: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] IOS access-lists
tohidecallmanager/unity/personalassistant?


The only issue with this is that there is a recommendation out there to
make the server join the domain when one wants to access SQL directly
for generating reports, otherwise one gets into SQL authentication
issues, of which I've forgotten all the in's and out's, but is/was
something I've been struggling with.  Unless someone else has some good
suggestions as to how to get to SQL from domain workstations for the
benefit of generating custom reports.

________________________________

From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Matt Slaga (US)
Sent: Friday, October 13, 2006 14:01
To: Voigt Thomas; cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] IOS access-lists to
hidecallmanager/unity/personalassistant?


I would strongly suggest that you keep your cisco servers (outside of
unity) in a workgroup.  If you look at all of your upgrade requirements,
you have to remove and readd the server to the domain for each upgrade.
If you are lucky you have access to add/remove machines to a domain, if
not you have to use a server engineer with any upgrade.  TAC can also
ask you to remove the server from a domain in troubleshooting issues.
 
The "benefits" you receive from adding a cisco server to a domain do not
add up to the benefits of keeping it out of the domain.

________________________________

From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Voigt Thomas
Sent: Friday, October 13, 2006 8:40 AM
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] IOS access-lists to hide
callmanager/unity/personalassistant?



Hi all! 

Has anyone experiences with IOS access-lists to hide the Cisco servers
from the other clients in the net? 

Our server guys tell us to migrate our servers to their active directory
(which should be no problem) and also to their 

security concept which includes distributing Microsoft patches to the
servers. This is not allowed by Cisco... 

So we have to hide our Cisco gear with access lists to have only contact
with the ip phones and other neccessary 
communications. 

I know that there are documents at CCO that document the ports used by
CCM, UNITY and PA. But are there 
access lists anywhere which we could use? 


-- 
With kind regards 

Thomas Voigt 
  


-- 
Scanned for viruses & dangerous content at One Unified
<http://www.oneunified.net>  and is believed to be clean. 

________________________________

Disclaimer: This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the designated
addressee(s) named above only. If you are not the intended addressee,
you are hereby notified that you have received this communication in
error and that any use or reproduction of this email or its contents is
strictly prohibited and may be unlawful. If you have received this
communication in error, please notify us immediately by replying to this
message and deleting it from your computer. Thank you. 


-- 
Scanned for viruses & dangerous content at One Unified
<http://www.oneunified.net>  and is believed to be clean. 
-- 
Scanned for viruses & dangerous content at One Unified
<http://www.oneunified.net>  and is believed to be clean. 



-----------------------------------------
Disclaimer:

This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the
designated addressee(s) named above only.  If you are not the
intended addressee, you are hereby notified that you have received
this communication in error and that any use or reproduction of
this email or its contents is strictly prohibited and may be
unlawful.  If you have received this communication in error, please
notify us immediately by replying to this message and deleting it
from your computer. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20061016/ce6cdfc9/attachment.html

More information about the cisco-voip mailing list