[cisco-voip] trusted relay points

Tue Feb 17 12:22:54 EST 2015

I believe you can configure your router to be a software MTP with “codec pass-through” as long as you don’t need transcoding. Then you won’t need DSPs.

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Lelio Fulgenzi
Sent: 17 February 2015 9:55 AM
To: Brian Meade
Cc: Cisco VOIP
Subject: Re: [cisco-voip] trusted relay points

Thanks Brian.

I'm guessing the only things I would have to do is ensure that I have enough MTP resources on the trusted device. I could use the DSP calculator for that.

---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph

519‐824‐4120 Ext 56354
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1

________________________________
From: "Brian Meade" <bmeade90 at vt.edu<mailto:bmeade90 at vt.edu>>
To: "Lelio Fulgenzi" <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>>
Cc: "Cisco VOIP" <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
Sent: Tuesday, February 17, 2015 11:34:22 AM
Subject: Re: [cisco-voip] trusted relay points
They're basically just MTPs you deem to be "trusted".  A lot of people use them for switching between IPv4 and IPv6.  Really not anything different than just forcing MTP Required other than maybe just narrowing down the MTP list.  Some people use the same setup for VPN phones/IP Communicators over VPN so VPN clients don't have to be able to talk directly to each other.

On Tue, Feb 17, 2015 at 11:28 AM, Lelio Fulgenzi <lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>> wrote:

We had a security discussion with our account team, and one thing that was brought up was the concept/feature of trusted relay points.

There's not much on the subject in the guides, other than saying some MTPs are trusted relay points.

Our thought was, rather than opening up the voice VLANs to allow media from the data VLANs, we could simply set up the Jabber clients with "trusted relay points" enabled and modify the voice VLAN ACLs to allow access from these trusted relay points. We could either use our PSTN gateways or deploy another set of 2900s for this purpose.

This would also help us in the short term, I believe, by not having to enable "peer to peer" communications on our wiLAN.

Any thoughts or pointers to some documents would be fantastic.

Lelio

---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph

519‐824‐4120 Ext 56354<tel:519%E2%80%90824%E2%80%904120%20Ext%2056354>
lelio at uoguelph.ca<mailto:lelio at uoguelph.ca>
www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs>
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1

_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip

The contents of this message may contain confidential and/or privileged 
subject matter. If this message has been received in error, please contact 
the sender and delete all copies. Like other forms of communication, 
e-mail communications may be vulnerable to interception by unauthorized 
parties. If you do not wish us to communicate with you by e-mail, please 
notify us at your earliest convenience. In the absence of such 
notification, your consent is assumed. Should you choose to allow us to 
communicate by e-mail, we will not take any additional security measures 
(such as encryption) unless specifically requested. 

If you no longer wish to receive commercial messages, you can unsubscribe 
by accessing this link:  http://www.bennettjones.com/unsubscribe

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150217/476824d5/attachment.html>