[cisco-voip] do you allow access to Cisco PCA for all your users?

Lelio Fulgenzi lelio at uoguelph.ca
Mon Dec 5 10:25:45 EST 2011 

Exactly. However, I'm more concerned with those with some admin level privileges doing that. I really wish their was a from/to audit log in an easy to read format. 

Sent from my iPhone

On Dec 5, 2011, at 10:10 AM, Scott Voll <svoll.voip at gmail.com> wrote:

> The second part is do you want to support the issues that the users can cause?
> 
> All of a sudden callers are going weird places, and no one seems to know why..... Then you figure out that the user went in and fat fingered something....
> 
> ymmv
> 
> Scott
> 
> On Fri, Dec 2, 2011 at 4:00 PM, Lelio Fulgenzi <lelio at uoguelph.ca> wrote:
> We are not currently offering Cisco PCA because Unity Connection along with CUCM has the admin ports and user ports on the SAME ports. Typically admin web pages are on a different port to protect them from users and hack attempts, basically allow access to admin ports from trusted networks.
> 
> We have deployed a reverse proxy to allow access to CUCM user pages but even that was difficult because the CCM user pages reference images in the ccmadmin directory. *sigh*
> 
> We were not able to get a reverse proxy to PCA working because the media master bar was not working through the reverse proxy. We didn't try to hard, but we were pretty sure this java app had the system's IP address hardcoded so the reverse proxy couldn't rewrite it (or something like that).
> 
> What makes things worse is that when you go to the root http page, i.e. just the IP address, it has a link to the administration pages!
> 
> 
> 
> ---
> Lelio Fulgenzi, B.A.
> Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
> (519) 824-4120 x56354 (519) 767-1060 FAX (ANNU)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Cooking with unix is easy. You just sed it and forget it. 
>                               - LFJ (with apologies to Mr. Popeil)
> 
> 
> From: "Edgardo Perez" <edgardo.perez at swri.org>
> To: "cisco-voip at puck.nether.net" <cisco-voip at puck.nether.net>
> Sent: Friday, December 2, 2011 2:54:46 PM
> Subject: [cisco-voip] do you allow access to Cisco PCA for all your users?
> 
> 
> I’m curious to know how many of the list readers allow access to Cisco PCA for all their users.
> 
>  
> 
> It is worth the trouble to enable this portal?
> 
>  
> 
> I will like to know your opinion and any other stories related to PCA that you want to share.
> 
>  
> 
> BTW, we are running Unity Connection 7.1(5).
> 
>  
> 
> Thanks and have a great weekend.
> 
>  
> 
> Edgardo (Ed) Perez
> 
> Assistant Director
> 
> Network Services
> 
> Southwest Research Institute, Information Technology Center,
> 
> 6220 Culebra Rd., P.O. Drawer 28510, San Antonio, TX 78228-0510
> 
> voice: (210) 522-2880, fax: (210) 522-3424
> 
> e-mail: edgardo.perez at swri.org
> 
>  
> 
> 
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
> 
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20111205/e7491d82/attachment.html>

More information about the cisco-voip mailing list