[cisco-voip] Antw: Securing an IP Phone with a PIN
Robert Schuknecht
rschuknecht at gmx.de
Tue Sep 23 02:32:35 EDT 2008
The block patterns are the right way to go, but if you configure a block pattern with "24x7" it can´t be overwritten with the phone pin. You will have to configure "after hour" time frames, these can be overwritten with the telephone pin. Take a lot at the CUCME Admin-Guide.
HTH
/Robert
>>> Kumar, Narinder<Narinder.Kumar at getronics.com> schrieb am Dienstag, 23.
September 2008 um 07:55 in Nachricht 2e11488bc267911c4efe7bc042235826:
> Peter, under ur telephony service you need to block the pattern
> e.g something like below:
> block pattern 1 900 24x7.
> Once you do that than assign pin to the users to overwrite the block
> pattern.
>
> Cheers
> Narinder
>
> -----Original Message-----
> From: cisco-voip-bounces at puck.nether.net
> [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of
> cisco-voip-request at puck.nether.net
> Sent: Tuesday, 23 September 2008 6:07 AM
> To: cisco-voip at puck.nether.net
> Subject: cisco-voip Digest, Vol 59, Issue 185
>
> Send cisco-voip mailing list submissions to
> cisco-voip at puck.nether.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://puck.nether.net/mailman/listinfo/cisco-voip
> or, via email, send a message with subject or body 'help' to
> cisco-voip-request at puck.nether.net
>
> You can reach the person managing the list at
> cisco-voip-owner at puck.nether.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of cisco-voip digest..."
>
>
> Today's Topics:
>
> 1. Re: Cisco VPN for voice routers... (Joe Cisco)
> 2. Re: Cisco VPN for voice routers... (Joe Cisco)
> 3. Re: MeetingPlace express VMware ESX (Voice Noob)
> 4. Securing an IP Phone with a PIN (Peter Nyamukusa)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 22 Sep 2008 14:30:32 -0500
> From: "Joe Cisco" <smetsysocsic at gmail.com>
> Subject: Re: [cisco-voip] Cisco VPN for voice routers...
> To: "Corbett Enders" <cenders at homesbyavi.com>
> Cc: cisco-voip at puck.nether.net, Hoon Hong <Hoon.Hong at mulvannyg2.com>
> Message-ID:
> <ae303060809221230l99badcek1806da544f68e012 at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> You can't QoS over the internet, unless perhaps you have the same
> provider at each location and for a nominal fee they'll provide QoS
> across their network.
>
> I'd stick with Cisco and go with the ASA. I believe Cisco EoL'd the
> VPN Concentrators. The added benefit of staying with cisco is if/when
> you call tech support there is no finger pointing between different
> brands.
>
> -Joe C.
>
>
> On Mon, Sep 22, 2008 at 2:21 PM, Corbett Enders <cenders at homesbyavi.com>
> wrote:
>> Regarding the QoS, there is little other traffic than voice on the
> VPN.
>> Besides, how do you use QoS on the Internet anyway?
>>
>>
>>
>> From: Hoon Hong [mailto:Hoon.Hong at MulvannyG2.com]
>> Sent: Monday, September 22, 2008 12:57 PM
>> To: Corbett Enders; cisco-voip at puck.nether.net
>> Subject: RE: [cisco-voip] Cisco VPN for voice routers...
>>
>>
>>
>> Cisco for sure. Router will be even better. So you can set QOS all the
> way
>> thru.
>>
>>
>>
>> Hoon Hong (? ?) | Network Engineer (CCVP, SCP, CCSA)
>>
>> MulvannyG2 Architecture
>> T: 425.463.1327 (IP Phone)
>> C: 425.241.2646
>>
>> Hoon
>>
>> The contents of this e-mail and any attachment(s) are confidential and
> the
>> property of MulvannyG2 Architecture.
>>
>>
>>
>> From: cisco-voip-bounces at puck.nether.net
>> [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Corbett
> Enders
>> Sent: Monday, September 22, 2008 10:02 AM
>> To: cisco-voip at puck.nether.net
>> Subject: Re: [cisco-voip] Cisco VPN for voice routers...
>>
>>
>>
>> I should add that we're currently using a Watchguard Core firewall but
> for
>> some reason after a while a few of the VPNs will drop and won't
> recreate
>> unless I reboot the Cisco router. This happens to only a couple of the
>> remote sites, not all of them. Of course, the config across all of
> the
>> remote sites and VPN settings on the Watchguard's are the same (other
> than
>> their respective unique pieces).
>>
>>
>>
>> From: Corbett Enders
>> Sent: Monday, September 22, 2008 9:49 AM
>> To: 'cisco-voip at puck.nether.net'
>> Subject: Cisco VPN for voice routers...
>>
>>
>>
>> We have 25 remote sites with Cisco 2801 routers for Voice. Which is
> the best
>> device I should use at my head office for establishing a VPN to each
> of
>> these sites?
>>
>>
>>
>> Cisco or non-Cisco, I have no preference but of course non-cisco
>> interoperability is a concern as no one seems to follow the IPSEC spec
> 100%.
>>
>>
>>
>> Corbett Enders
>>
>> Network Manager
>> Homes by Avi - 2007 Canadian Builder of the Year.
>> Tel: (403) 536-7170
>> Fax: (403) 536-7171
>> www.homesbyavi.com
>>
>> ? Please consider the environment before printing this email.
>>
>>
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 22 Sep 2008 14:32:30 -0500
> From: "Joe Cisco" <smetsysocsic at gmail.com>
> Subject: Re: [cisco-voip] Cisco VPN for voice routers...
> To: "Corbett Enders" <cenders at homesbyavi.com>
> Cc: cisco-voip at puck.nether.net, Hoon Hong <Hoon.Hong at mulvannyg2.com>
> Message-ID:
> <ae303060809221232t76d8a825x515bfaaee8f8f69e at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> I forgot to add... i'd recommend configuring the remote sites as g729 as
> well.
>
> -Joe C.
>
> On Mon, Sep 22, 2008 at 2:21 PM, Corbett Enders <cenders at homesbyavi.com>
> wrote:
>> Regarding the QoS, there is little other traffic than voice on the
> VPN.
>> Besides, how do you use QoS on the Internet anyway?
>>
>>
>>
>> From: Hoon Hong [mailto:Hoon.Hong at MulvannyG2.com]
>> Sent: Monday, September 22, 2008 12:57 PM
>> To: Corbett Enders; cisco-voip at puck.nether.net
>> Subject: RE: [cisco-voip] Cisco VPN for voice routers...
>>
>>
>>
>> Cisco for sure. Router will be even better. So you can set QOS all the
> way
>> thru.
>>
>>
>>
>> Hoon Hong (? ?) | Network Engineer (CCVP, SCP, CCSA)
>>
>> MulvannyG2 Architecture
>> T: 425.463.1327 (IP Phone)
>> C: 425.241.2646
>>
>> Hoon
>>
>> The contents of this e-mail and any attachment(s) are confidential and
> the
>> property of MulvannyG2 Architecture.
>>
>>
>>
>> From: cisco-voip-bounces at puck.nether.net
>> [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Corbett
> Enders
>> Sent: Monday, September 22, 2008 10:02 AM
>> To: cisco-voip at puck.nether.net
>> Subject: Re: [cisco-voip] Cisco VPN for voice routers...
>>
>>
>>
>> I should add that we're currently using a Watchguard Core firewall but
> for
>> some reason after a while a few of the VPNs will drop and won't
> recreate
>> unless I reboot the Cisco router. This happens to only a couple of the
>> remote sites, not all of them. Of course, the config across all of
> the
>> remote sites and VPN settings on the Watchguard's are the same (other
> than
>> their respective unique pieces).
>>
>>
>>
>> From: Corbett Enders
>> Sent: Monday, September 22, 2008 9:49 AM
>> To: 'cisco-voip at puck.nether.net'
>> Subject: Cisco VPN for voice routers...
>>
>>
>>
>> We have 25 remote sites with Cisco 2801 routers for Voice. Which is
> the best
>> device I should use at my head office for establishing a VPN to each
> of
>> these sites?
>>
>>
>>
>> Cisco or non-Cisco, I have no preference but of course non-cisco
>> interoperability is a concern as no one seems to follow the IPSEC spec
> 100%.
>>
>>
>>
>> Corbett Enders
>>
>> Network Manager
>> Homes by Avi - 2007 Canadian Builder of the Year.
>> Tel: (403) 536-7170
>> Fax: (403) 536-7171
>> www.homesbyavi.com
>>
>> ? Please consider the environment before printing this email.
>>
>>
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 22 Sep 2008 14:58:31 -0500
> From: "Voice Noob" <voicenoob at gmail.com>
> Subject: Re: [cisco-voip] MeetingPlace express VMware ESX
> To: "Reto Gassmann" <voip at mrga.ch>
> Cc: "cisco-voip at puck-nether.net" <cisco-voip at puck.nether.net>
> Message-ID:
> <535625f70809221258x1018b2f2u907c1965cb985926 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Thanks but I said that I have already converted it in my original
> e-mail. I
> did use the VMware tool . The problem is that the server image that is
> shipped uses IDE drives and ESX does not support IDE. So during the
> conversion proccess it converts it to SCSI and then when I start the vm
> the
> GRUB loader does not boot the system.
>
> On Mon, Sep 22, 2008 at 1:27 PM, Reto Gassmann <voip at mrga.ch> wrote:
>
>> Hi
>>
>> try to import the image with the VMWare Converter.
>> http://www.vmware.com/products/converter/
>> you can set source and destination and it converts the Image from
> VMServer
>> to ESX.
>>
>> ----- Original Message -----
>> *From:* Voice Noob <voicenoob at gmail.com>
>> *To:* cisco-voip at puck-nether.net
>> *Sent:* Monday, September 22, 2008 8:18 PM
>> *Subject:* [cisco-voip] MeetingPlace express VMware ESX
>>
>>
>> Has anyone found a way to install Meetingplace 2.x in Vmware ESX? I
> know
>> you can order the NFR from Cisco and they will send you a VMware image
>> already configured. The problem is all I have at my company. ESX and
> not
>> vmware server. I have tried to convert it and it will not boot.
>>
>> ------------------------------
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <https://puck.nether.net/pipermail/cisco-voip/attachments/20080922/0cdc9
> cad/attachment-0001.html>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 22 Sep 2008 23:02:46 +0300
> From: "Peter Nyamukusa" <peter.nyamukusa at africaonline.co.tz>
> Subject: [cisco-voip] Securing an IP Phone with a PIN
> To: <cisco-voip at puck.nether.net>
> Message-ID:
> <023501c91cee$2f137bd0$8d3a7370$@nyamukusa at africaonline.co.tz>
> Content-Type: text/plain; charset="us-ascii"
>
> Hi Folks,
>
>
>
> I am new to this group I acquired a Cisco call manager system running on
> Cisco 2821 with c2800nm-spservicesk9-mz.124-9.T7.bin
>
> I have managed to set my VoIP network using documentation on the Cisco
> websites, I have several FXO ports connecting to the PSTN, Mobile
> operators,
> and an IP Planet VOIP GW terminating my VOIP WAN. My IP Phones consist
> of
> 7941G and 7906G phones and I would like to secure each ext using a pin
> before any calls to the PSTN are permitted
>
> I have the following config below which does not seem to be working
>
>
>
> ephone 1
>
> no multicast-moh
>
> description NOC
>
> mac-address 001F.9EAB.6C20
>
> username "peter" password xxxxx
>
> type 7941
>
> button 1:1 2:2
>
> pin 1234
>
>
>
> Any help or pointers is appreciated
>
>
>
> Regards,
>
> Peter Nyamukusa - CCIP, JNCIS, MCSE 2000/2003, Linux+
> Technical Manager
> Africa Online (T) Ltd
> Tel: +255 (22) 211 6090
> Fax: +255 (22) 211 6089
> Email: <mailto:petern at africaonline.co.tz>
> peter.nyamukusa at africaonline.co.tz
> AIM: petenya
>
>
>
>
>
> A member of the Telkom South Africa
> Groupcid:image004.jpg at 01C8E2CC.6068DD30
>
> Africa Online Disclaimer and Confidentiality Note
>
> This e-mail, its attachments and any rights attaching hereto are, unless
> the
> context clearly indicates otherwise, the property of Africa Online
> Holdings
> (Mauritius) Limited and / or its subsidiaries ("the Group"). It is
> confidential and intended for the addressee only. Should you not be the
> addressee and have received this e-mail by mistake, kindly notify the
> sender, delete this e-mail immediately and do not disclose or use the
> same
> in any manner whatsoever. Views and opinions expressed in this e-mail
> are
> those of the sender unless clearly stated as those of the Group. The
> Group
> accepts no liability whatsoever for any loss or damages, however
> incurred,
> resulting from the use of this e-mail or its attachments. The Group does
> not
> warrant the integrity of this e-mail, nor that it is free of errors,
> viruses, interception or interference. For more information about Africa
> Online, please visit our website at http://www.africaonline.com
>
>
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <https://puck.nether.net/pipermail/cisco-voip/attachments/20080922/402ef
> 2ab/attachment.html>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: not available
> Type: image/gif
> Size: 6441 bytes
> Desc: not available
> URL:
> <https://puck.nether.net/pipermail/cisco-voip/attachments/20080922/402ef
> 2ab/attachment.gif>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: not available
> Type: image/jpeg
> Size: 2701 bytes
> Desc: not available
> URL:
> <https://puck.nether.net/pipermail/cisco-voip/attachments/20080922/402ef
> 2ab/attachment.jpe>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: not available
> Type: application/octet-stream
> Size: 6356 bytes
> Desc: not available
> URL:
> <https://puck.nether.net/pipermail/cisco-voip/attachments/20080922/402ef
> 2ab/attachment.obj>
>
> ------------------------------
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
> End of cisco-voip Digest, Vol 59, Issue 185
> *******************************************
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
More information about the cisco-voip
mailing list