[cisco-voip] CUCM - separating management traffic

Thu Jan 19 09:11:05 EST 2012

Who knows?  It's not something that I've ever heard of on the roadmap from
CIsco.  Technically speaking, I can't imagine it would be terribly
difficult to have the various CCM services operate on one interface/IP and
the management (HTTP/HTTPS) on another address, but that's just me thinking
about it.

Speaking realistically, I've never seen anyone care enough to implement
ACL's or application layer filtering to "protect" the admin interface in
the real world.

-matthew

On Thu, Jan 19, 2012 at 6:21 AM, FrogOnDSCP46EF <ciscoboy2006 at gmail.com>wrote:

> Thanks Mathew. Would this be difficult to do? Given Cisco has inhouse UC
> developers.
>
>
>
> On Thu, Jan 19, 2012 at 5:52 AM, Matthew Saskin <msaskin at gmail.com> wrote:
>
>> You can't.  Virtual or physical, CUCM only operates using a single
>> interface and single IP address.  Closest you're going to get is firewall
>> rules to disallow certain access based on source, and that may not even
>> work as things like authentication URL's are on the same IP/port on the
>> CUCM - you'd have to do some application layer filtering of URL's.
>>
>>
>> On Wed, Jan 18, 2012 at 11:21 AM, FrogOnDSCP46EF <ciscoboy2006 at gmail.com>wrote:
>>
>>> Have anyone figured out yet how to separate CUCM management  in VMware
>>> or physical deployment?
>>>
>>> It's kind of weird, Cisco's all deployment templates are still putting
>>> mgmt and traffic packets on the same eth0 interface.
>>>
>>> I bet this is in Cisco's todo list.
>>>
>>> thanks
>>>
>>> _______________________________________________
>>> cisco-voip mailing list
>>> cisco-voip at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>
>>>
>>
>
>
> --
> Smile, you'll save someone else's day!
> Frog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120119/a3f40f05/attachment.html>