[cisco-voip] Home user
Scott Voll
svoll.voip at gmail.com
Wed Oct 17 10:46:46 EDT 2007
if your trying to get around the Firewall and lets say your Call manager is
on the DMZ or LAN I think the Phone Proxy is a great option. No VPN. Well
priced (believe it or not...... ) and easy to use.
I got the Phone proxy with the default 25 phone license pack and had it up
and running in less then 4 hours. reading the doc's to get it setup. No
VPN overhead or troubleshooting.
Just my two cents.
Scott
On 10/17/07, Jerky <lists at jerkys.org> wrote:
>
> I haven't been particularly fond of the Sonicwalls either but they
> pre-date me and have been inherited.
> currently it looks like this:
> Sonicwall (10 user type)ß-DSL or Cable-à INTERNET ß---T1 Internet--à26xx
> router ß--Ethernet---àSonicwall (VX/PRO type)ß--- LAN
> |______ß--- DMZ
> network
>
>
> I'll have to take a closer look at a 2800 router for this. I have one
> available that I typically use in the voice lab. Should the 2800 be able to
> handle things like setting up a DMZ and one-to-one NAT mappings (I'm not
> sure if that is the same term used in the Cisco world for it) to internal
> hosts. From the initial reading I've done about it seems there's a fine line
> between the firewall appliances like the Sonicwall and ASA or PIX and
> 2800/3800 routers since it seems the ISRs have hardware level encryption
> built in.
>
>
> Thanks,
> jeff
>
>
>
> On Oct 16, 2007, at 6:40 PM, Curt Shaffer wrote:
>
> Actually due to a difference between who this customer uses for Server
> network vs. Phone network; they have been using Sonicwall for normal VPN
> connectivity, which I personally do not like based on personal experience.
> But the setup will be as follows:
>
>
>
> 87x router or ASA ß-DSL or Cable-à INTERNET ß---PRI/Internet connection--à2811
> routerß-Phone LAN
>
>
>
> *From:* Jerky [mailto:lists at jerkys.org <lists at jerkys.org>]
> *Sent:* Tuesday, October 16, 2007 6:32 PM
> *To:* Linsemier, Matthew
> *Cc:* Curt Shaffer; cisco-voip at puck.nether.net
> *Subject:* Re: [cisco-voip] Home user
>
>
>
> This has been kicked around for a while since we moved to CallManager but
> not much thought has been given to it. I'm trying to understand how your
> hardware is setup. How would it look, similar to one of these?
>
>
>
> 87x router <---DSL or Cable---> INTERNET <--T1 connection---> 3845
> <--Ethernet--> LAN
>
>
>
> or
>
>
>
> 87x router <---DSL or Cable---> INTERNET <--T1 connection---> 3845 <--->
> ASA or PIX Firewall <--Ethernet--> LAN
>
>
>
> Is the 3800 used for all your firewalling needs in lieu of something like
> an ASA or PIX? Sonicwall's are currently in place and haven't worked very
> well for the remote users it was tested with. The Sonicwalls we have don't
> have anything similar to what the 871's seem to have in regards to vlans and
> packet tagging. We would probably kick the Sonicwalls out if something else
> would work better.
>
>
>
> jeff
>
>
>
> On Oct 16, 2007, at 8:16 AM, Linsemier, Matthew wrote:
>
>
>
> We currently have about 40 production remote home teleworkers that have
> been deployed using Cisco 871/877 wireless routers and a 7960 phones. We
> are using a Cisco 3845 series router at the head-end so that we can control
> QoS tagging on the egress / ingress points of both sides of the VPN tunnel.
> We are using a phase 2 DMVPN solution dual-homed to two sites to provide
> secure redundant connectivity.
>
>
>
> It took me a bit to tweak my router configurations (I started on Cisco
> 831/837 routers) to get the results that we wanted, but all and all our
> users are happy. There is the occasional jitter and packet loss (it is the
> Internet mind you) but g.729 is working quite well coupled with business
> cable and DSL services.
>
>
>
> If you have any other questions, feel free to ask.
>
>
>
> Matt
>
>
>
> *From:* cisco-voip-bounces at puck.nether.net [
> mailto:cisco-voip-bounces at puck.nether.net<cisco-voip-bounces at puck.nether.net>]
> *On Behalf Of *Curt Shaffer
> *Sent:* Monday, October 15, 2007 6:37 PM
> *To:* cisco-voip at puck.nether.net
> *Subject:* [cisco-voip] Home user
>
>
>
> I was wondering want everyone out there is using for the situation where
> you have someone on your CCM or CCME that has 1 phone at a home office.
> Something tells me an ASA is overkill and I haven't found solid information
> that any of the 87x routers support tagging QoS of packets going through the
> VPN tunnel. We would obviously like to have QoS in place even though it's
> not respected at their ISP just to make sure the VPN/Voice packets are
> leaving their routers first as a best effort to get some quality.
>
>
>
> Thanks
>
>
>
>
> ------------------------------
>
> CONFIDENTIALITY STATEMENT
> This communication and any attachments are CONFIDENTIAL and may be
> protected by one or more legal privileges. It is intended solely for the use
> of the addressee identified above. If you are not the intended recipient,
> any use, disclosure, copying or distribution of this communication is
> UNAUTHORIZED. Neither this information block, the typed name of the sender,
> nor anything else in this message is intended to constitute an electronic
> signature unless a specific statement to the contrary is included in this
> message. If you have received this communication in error, please
> immediately contact me and delete this communication from your computer.
> Thank you.
> ------------------------------
>
> _______________________________________________
>
> cisco-voip mailing list
>
> cisco-voip at puck.nether.net
>
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
>
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20071017/091a4fca/attachment.html
More information about the cisco-voip
mailing list