[cisco-voip] trusted relay points

Lelio Fulgenzi lelio at uoguelph.ca
Thu Feb 26 13:13:05 EST 2015


I'm hoping to group my software (CUCM) MTPs into a media resource group that is not assigned to any list or device. As far as I know, as long as a media resource is in a group, it's removed from the default group that anyone can access. 


Now, that being said, as far as I understand, an IOS MTP configured without DSPs is still considered a software MTP is it not? 


Could just be semantics, but I'd like to understand when people mention it. 


LElio 



--- 
Lelio Fulgenzi, B.A. 
Senior Analyst, Network Infrastructure 
Computing and Communications Services (CCS) 
University of Guelph 

519‐824‐4120 Ext 56354 
lelio at uoguelph.ca 
www.uoguelph.ca/ccs 
Room 037, Animal Science and Nutrition Building 
Guelph, Ontario, N1G 2W1 

----- Original Message -----

From: "Dennis Heim" <Dennis.Heim at wwt.com> 
To: "Lelio Fulgenzi" <lelio at uoguelph.ca> 
Cc: "Cisco VOIP" <cisco-voip at puck.nether.net> 
Sent: Thursday, February 26, 2015 1:07:07 PM 
Subject: RE: [cisco-voip] trusted relay points 



Don’t forget to add codec passthrough on all your MTP’s. otherwise it will pick software ones over the hardware ones. 


Dennis Heim | Emerging Technology Architect (Collaboration) 
World Wide Technology, Inc. | +1 314-212-1814 
twitter
chatPhonevideo
"Innovation happens on project squared" -- http://www.projectsquared.com 

Click here to join me in my Collaboration Meeting Room 





From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Lelio Fulgenzi 
Sent: Thursday, February 26, 2015 12:01 PM 
Cc: Cisco VOIP 
Subject: Re: [cisco-voip] trusted relay points 



Just following up on this thread. 



I've read through a number of documents, and I'm beginning to really like the idea of trusted relay points. 



I'm hoping to set up a IOS software based MTP and configure that as TRP (using the firewall traversal command). I'd also set it up as codec passthrough since that's primarily what we'd use it for. 



That being said, as far as I can tell, if I ever do need a XCODER, it would simply call that on top of the MTP/TRP, since I don't think I want to be marking my XCODERs as TRPs since there's no real way to not use them as such and waste resources. 



An alternative would be to modify my MRGLists to contain multiple MRGroups, and order them appropriately, i.e. MTP/TRPs first, then XCODER/TRPs next. 



Any thoughts on this would be greatly appreciated. 



Lelio 





--- 
Lelio Fulgenzi, B.A. 
Senior Analyst, Network Infrastructure 
Computing and Communications Services (CCS) 
University of Guelph 

519 ‐ 824 ‐ 4120 Ext 56354 
lelio at uoguelph.ca 
www.uoguelph.ca/ccs 
Room 037, Animal Science and Nutrition Building 
Guelph, Ontario, N1G 2W1 

----- Original Message -----


From: "Lelio Fulgenzi" < lelio at uoguelph.ca > 
Cc: "Cisco VOIP" < cisco-voip at puck.nether.net > 
Sent: Tuesday, February 17, 2015 1:33:05 PM 
Subject: Re: [cisco-voip] trusted relay points 

Thanks Eric. 

Transcoders are another question I'm trying to clear up as well. I might spin that off into another thread after I read up some more. 

It's good to know that if we don't need transcoding, that we won't need additional DSPs. 

--- 
Lelio Fulgenzi, B.A. 
Senior Analyst, Network Infrastructure 
Computing and Communications Services (CCS) 
University of Guelph 

519 ‐ 824 ‐ 4120 Ext 56354 
lelio at uoguelph.ca 
www.uoguelph.ca/ccs 
Room 037, Animal Science and Nutrition Building 
Guelph, Ontario, N1G 2W1 

----- Original Message -----


From: "Eric Pedersen" < PedersenE at bennettjones.com > 
To: "Lelio Fulgenzi" < lelio at uoguelph.ca >, "Brian Meade" < bmeade90 at vt.edu > 
Cc: "Cisco VOIP" < cisco-voip at puck.nether.net > 
Sent: Tuesday, February 17, 2015 12:22:54 PM 
Subject: RE: [cisco-voip] trusted relay points 
I believe you can configure your router to be a software MTP with “codec pass-through” as long as you don’t need transcoding. Then you won’t need DSPs. 



From: cisco-voip [ mailto:cisco-voip-bounces at puck.nether.net ] On Behalf Of Lelio Fulgenzi 
Sent: 17 February 2015 9:55 AM 
To: Brian Meade 
Cc: Cisco VOIP 
Subject: Re: [cisco-voip] trusted relay points 



Thanks Brian. 

I'm guessing the only things I would have to do is ensure that I have enough MTP resources on the trusted device. I could use the DSP calculator for that. 



--- 
Lelio Fulgenzi, B.A. 
Senior Analyst, Network Infrastructure 
Computing and Communications Services (CCS) 
University of Guelph 

519 ‐ 824 ‐ 4120 Ext 56354 
lelio at uoguelph.ca 
www.uoguelph.ca/ccs 
Room 037, Animal Science and Nutrition Building 
Guelph, Ontario, N1G 2W1 




From: "Brian Meade" < bmeade90 at vt.edu > 
To: "Lelio Fulgenzi" < lelio at uoguelph.ca > 
Cc: "Cisco VOIP" < cisco-voip at puck.nether.net > 
Sent: Tuesday, February 17, 2015 11:34:22 AM 
Subject: Re: [cisco-voip] trusted relay points 

They're basically just MTPs you deem to be "trusted". A lot of people use them for switching between IPv4 and IPv6. Really not anything different than just forcing MTP Required other than maybe just narrowing down the MTP list. Some people use the same setup for VPN phones/IP Communicators over VPN so VPN clients don't have to be able to talk directly to each other. 



On Tue, Feb 17, 2015 at 11:28 AM, Lelio Fulgenzi < lelio at uoguelph.ca > wrote: 



We had a security discussion with our account team, and one thing that was brought up was the concept/feature of trusted relay points. 

There's not much on the subject in the guides, other than saying some MTPs are trusted relay points. 

Our thought was, rather than opening up the voice VLANs to allow media from the data VLANs, we could simply set up the Jabber clients with "trusted relay points" enabled and modify the voice VLAN ACLs to allow access from these trusted relay points. We could either use our PSTN gateways or deploy another set of 2900s for this purpose. 

This would also help us in the short term, I believe, by not having to enable "peer to peer" communications on our wiLAN. 

Any thoughts or pointers to some documents would be fantastic. 

Lelio 

--- 
Lelio Fulgenzi, B.A. 
Senior Analyst, Network Infrastructure 
Computing and Communications Services (CCS) 
University of Guelph 

519 ‐ 824 ‐ 4120 Ext 56354 
lelio at uoguelph.ca 
www.uoguelph.ca/ccs 
Room 037, Animal Science and Nutrition Building 
Guelph, Ontario, N1G 2W1 


_______________________________________________ 
cisco-voip mailing list 
cisco-voip at puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-voip 

The contents of this message may contain confidential and/or privileged subject matter. If this message has been received in error, please contact the sender and delete all copies. Like other forms of communication, e-mail communications may be vulnerable to interception by unauthorized parties. If you do not wish us to communicate with you by e-mail, please notify us at your earliest convenience. In the absence of such notification, your consent is assumed. Should you choose to allow us to communicate by e-mail, we will not take any additional security measures (such as encryption) unless specifically requested. If you no longer wish to receive commercial messages, you can unsubscribe by accessing this link: http://www.bennettjones.com/unsubscribe 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150226/6cb8dd3b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3876 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150226/6cb8dd3b/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1389 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150226/6cb8dd3b/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1292 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150226/6cb8dd3b/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1391 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150226/6cb8dd3b/attachment-0003.png>


More information about the cisco-voip mailing list