[cisco-voip] Remote 7961 Phone at Someone's House - Notes for Setup!

Tech Guy techguy at gmail.com
Thu Oct 26 10:53:27 EDT 2006 

This is pretty much word for word from the Cisco Mobile Worker/Office SRND
from some years back, it has not been updated in some time, at least not
since I last looked at it personally about a year or so ago.  I guess the
one thing I noticed that changed is the router model.

We deployed about 40 7960's and 837's I believe back then.  It was fairly
easy and straight forward.  The 837's were configured with the ezvpn I
think, and connected back to cisco concentrator over a fiber internet
connection at the main office.  Of course each of the home users were on
cable modems which worked out fine for us.

Our issues were spotty, and I blame it on the internet completely.  I was
against deploying the solution personally, because it was being deployed to
sales and recruiting people who worked independtly all over the US, they are
the heaviest phone users.  And yet we were giving them phone service that we
simply could not quarantee, and no one in mgmt could understand why.  They
would complain about the quality, ask me about it, I would tell them the
issue time and time again and they didn't want to hear it, in fact they
would tell me how to fix it "upgrade our bandwidth" or "upgrade their
bandwidth" ughhh.. what a nightmare.

Anyway, the solution is pretty much what they told you and is simple.
Basically configure the router to hand out DHCP to the devices connected to
it, include the TFTP option 150 info of your callmanagers.  Make sure the
router can establish a vpn connection back to the main office, and that you
allow the appropriate data to pass obviously.  Router boots up, grabs
internet IP on the BVI port I believe, but I don't think it establishes the
VPN tunnel at this point.  I think it takes traffic "such as the phone
trying to hit addresses that reside on the VPN" to cause the vpn tunnel to
establish.  Anyway, so then phone boots up grabs DHCP from router, including
TFTP.. then trys to hit TFTP and causes vpn tunnel to establish.  Pulls info
and registers if you will with callmanager.  You can QoS it to death and it
will work to some extent, but ultimately and obviously your simply at the
mercy of the internet.

Good luck with it.  ;-)



On 10/25/06, Steve Miller <millerman1 at cox.net> wrote:
>
>  The following is information that I have rec'd regarding the
> installation of a 7961 at someone's house who is using cable or DSL.  Is
> there anything else that we might need to think about?  Thank you!
>
> Notes from Cisco Engineer:
>
> The remote equipment at the home office would consist of a Cisco 871
> router and a Cisco phone with a power block.  The Cisco 871 would function
> as the home office's firewall and router (and would connect to either a
> cable modem or a DSL modem depending on the site).  The router would be
> configured to have an IPSec tunnel back to the office network (most likely
> configured off of your existing concentrator).  The remote Cisco 871 would
> be configured with DHCP and have the TFTP scope option set to tell all
> devices the IP address of the Call Manager server (note the router has a
> built-in four port switch).
>
>  At that point, the IP Phone would register normally to the Call Manager
> servers using the IPSec tunnel as it's communication path.  The keepalives
> from the phone to the CM servers would keep the IPSec tunnel up and running
> 24/7.
>
>  The restrictions on this type of deployment are:
>
>                         -must use G729 codec due to bandwidth restrictions
>
>                         -extremely limited QoS control since we are going
> across the Internet
>
>                         -security policies need to be visited since the
> remote office would have access to the corporate internal network (this one
> is a biggie)
>
>                                     -sub-issue regarding calling from home
> office to home office.  This is doable but adds additional security and
> deployment issues.
>
>                         -need to consider the standard IT management
> overhead associated with supporting home equipment.
>
>
>
> Thank you!
>
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20061026/9d23545c/attachment.html

More information about the cisco-voip mailing list