[cisco-voip] Preventing Web Access to 79xx

Lelio Fulgenzi lelio at uoguelph.ca
Tue Nov 3 09:56:31 EST 2009 

Personally speaking, I would investigate using ACLs to limit access to the phones web browser/server. There are many services (some Cisco, some third party) that use the web server to do stuff, like post messages, etc. 

Granted, it's a little more involved, and you need to have separate voice and data VLANs, but it's a better long term approach. IMHO. 

--- 
Lelio Fulgenzi, B.A. 
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1 
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN) 
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
"Bad grammar makes me [sic]" - Tshirt 


----- Original Message ----- 
From: "Wes Sisk" <wsisk at cisco.com> 
To: "mark baker" <mb at c2ukltd.com> 
Cc: cisco-voip at puck.nether.net 
Sent: Tuesday, November 3, 2009 9:32:09 AM GMT -05:00 US/Canada Eastern 
Subject: Re: [cisco-voip] Preventing Web Access to 79xx 

What Philip indicated is correct. Change that setting, reset the phone. phone should download new config file. Then phone should disable http interface. ACL should not be necessary. If you made the change on the phone and it's not taking effect then I strongly recommend investigating that more closely. This can be a symptom of more significant issues on your CM. 

/Wes 

On Tuesday, November 03, 2009 7:07:46 AM, mark baker <mb at c2ukltd.com> wrote: 





We have tried preventing Web Access here however we are still able to get in some how. Now in the process of putting ACL although you would have thought there was a smarter way of achieving this?? Many thanks for all of the replies so far folks. 





From: Philip Walenta [ mailto:pwalenta at wi.rr.com ] 
Sent: 03 November 2009 12:00 
To: mark baker; cisco-voip at puck.nether.net 
Subject: RE: [cisco-voip] Preventing Web Access to 79xx 



On my CUCM 7.0.2 system I see an option under “Product Specific Configuration Layout” on my 7970’s. It’s called “Web Access”…have you tried this? 





From: cisco-voip-bounces at puck.nether.net [ mailto:cisco-voip-bounces at puck.nether.net ] On Behalf Of mark baker 
Sent: Tuesday, November 03, 2009 3:53 AM 
To: cisco-voip at puck.nether.net 
Subject: [cisco-voip] Preventing Web Access to 79xx 



Hi Folks, 



We are currently deploying a CCM system and have a security remit of locking all Web Access to our 79xx phones. Can anyone advise on this no matter what we try we can still access. All help much appreciated. 



Regards, 



Mark 
_______________________________________________
cisco-voip mailing list cisco-voip at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip 

_______________________________________________ cisco-voip mailing list cisco-voip at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20091103/627b1731/attachment.html>

More information about the cisco-voip mailing list