[cisco-voip] user access to ccmuser web pages

Lelio Fulgenzi lelio at uoguelph.ca
Fri Sep 28 15:18:29 EDT 2007 

With IIS, you can modify the IIS controls. You have to be very careful of this though since you can break things quite easily.

The one other reason I wanted to do this was to 'hide' the corporate directory, which needs no userID/password at all. If you had some unlisted numbers, users could easily find them.

  ----- Original Message ----- 
  From: Eric Pedersen 
  To: Wes Sisk 
  Cc: cisco-voip at puck.nether.net 
  Sent: Friday, September 28, 2007 2:31 PM
  Subject: Re: [cisco-voip] user access to ccmuser web pages


  I wasn't clear enough.  We have a limited range of IP addresses that are trusted for callmanager administration, and we have larger IP ranges where our general user population reside.  I would like to filter what networks can access ccmadmin, os admin, etc. so that the general user population can't even get to the login screen.  Because ccmadmin and ccmuser use the same tcp ports, and I haven't found any way to change this, I cannot simply filter admin access with router ACLs.

  Simple username and password authentication isn't a particularly secure way to protect such a key piece of infrastructure ... you're just one accidental password disclosure or web server bug away from a hacked callmanager. 



------------------------------------------------------------------------------
  From: Wes Sisk [mailto:wsisk at cisco.com] 
  Sent: September 28, 2007 12:14
  To: Eric Pedersen
  Cc: cisco-voip at puck.nether.net
  Subject: Re: [cisco-voip] user access to ccmuser web pages


  check out the "Standard CCM End Users" group.

  Eric Pedersen wrote: 
    I'm using callmanager 5.1.  I want to enable general user access to the callmanager ccmuser web pages.  I have not seen any way to allow this without also giving access to ccmadmin/osadmin/etc. web pages, which I don't want to do for obvious security reasons.  Is there a way to do this?

    Thanks,
    Eric
----------------------------------------------------------------------------
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

------------------------------------------------------------------------------


  _______________________________________________
  cisco-voip mailing list
  cisco-voip at puck.nether.net
  https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20070928/ea5232a6/attachment.html

More information about the cisco-voip mailing list