<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2722" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV>If access to CCM user pages is your only concern, then you might want
consider a reverse proxy. We have that installed and it works very well. You
have to do a bit more work in getting it to work with HTTPS, but it will still
work.</DIV>
<DIV> </DIV>
<DIV>For other application such as softphone, etc, you will need direct access,
but seeing that IIS is under so much attack, I would almost use both - direct
access for applications and proxy access for ccmuser pages. </DIV>
<DIV> </DIV>
<DIV>We have not got the reverse proxy working for Unity user pages but we also
haven't spent much time there either.</DIV>
<DIV> </DIV>
<DIV>--------------------------------------------------------------------------------<BR>Lelio
Fulgenzi, B.A.<BR>Network Analyst (CCS) * University of Guelph * Guelph, Ontario
N1G 2W1<BR>(519) 824-4120 x56354 (519) 767-1060 FAX
(JNHN)<BR>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
<BR>"I had a coffee and Coke at lunch today...and now, I've got more jitter than
an<BR>IP phone on a long haul 10base2
connection"
LFJ</DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=techguy@gmail.com href="mailto:techguy@gmail.com">Tech Guy</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=bbieth@pacific.edu
href="mailto:bbieth@pacific.edu">Bradley Bieth</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Cc:</B> <A title=cisco-voip@puck.nether.net
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Wednesday, August 17, 2005 12:32
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: [cisco-voip] WebDialer and
Outlook</DIV>
<DIV><BR></DIV>I think most people do have seperate vlans for voice and data,
many<BR>people do limit pc's from accessing the callmanagers, I have
asked<BR>about this before and it seems obvious you dont want your
pc's<BR>accessing callmanagers but then I have asked what the point of
having<BR>"CCMUser" page? Most of our users use the CCMUser page, so
they need<BR>to access the callmanagers.<BR><BR>In this case I guess our voice
and data vlans, despite being different<BR>are not doing us much good security
wise. However, the voice vlan<BR>will run a separate spanning tree so
that if a PC has a virus and<BR>loads up the data VLAN, the voice vlan may not
be affected. Also, its<BR>better for QOS to keep a separate Voice
vlans.<BR><BR>I have the same concerns as you about our vlans, but not sure
what to<BR>do about the fact our users need access to
CCMUser.<BR><BR><BR><BR><BR>On 8/17/05, Bradley Bieth <<A
href="mailto:bbieth@pacific.edu">bbieth@pacific.edu</A>> wrote:<BR>>
What are the security risk in regards to user computers accessing the
voice<BR>> vlan to make these calls? It sounds that the personal computer
sends the<BR>> dialing information to CCM via the IP address and then CCM
dials that<BR>> number. In our network diagram we have the call managers on
a separate voice<BR>> vlan and we have ACL's setup to allow only those
specific machine access to<BR>> that vlan.<BR>> <BR>> Do other
user have this same setup? How do you get around personal PC's<BR>>
accessing call managers?<BR>> <BR>> Thanks<BR>> Brad<BR>> <A
href="mailto:bbieth@pacific.edu">bbieth@pacific.edu</A><BR>> <BR>>
Bradley Bieth<BR>> Network Engineer I<BR>> Telecommunications<BR>>
University of the Pacific<BR>> <A
href="mailto:bbieth@pacific.edu">bbieth@pacific.edu</A><BR>> (209)
946-3953<BR>> <BR>> >>> "Court Schuett" <<A
href="mailto:cschuett@hfsnorthamerica.com">cschuett@hfsnorthamerica.com</A>>
8/17/2005 8:40:32 AM >>><BR>> <BR>> Thanks for the help.
That must have been it because it is working like<BR>> a champ now.
Have to say, that's a pretty cool feature. Thanks!<BR>> <BR>>
Court Schuett<BR>> <BR>> 630-909-5560<BR>> <A
href="mailto:cschuett@hfsna.com">cschuett@hfsna.com</A><BR>> -----Original
Message-----<BR>> From: Tech Guy [mailto:techguy@gmail.com] <BR>> Sent:
Tuesday, August 16, 2005 4:17 PM<BR>> To: Court Schuett<BR>> Cc: <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
Subject: Re: [cisco-voip] WebDialer and Outlook<BR>> <BR>> Make sure you
have the correct username and password. Log into<BR>> CCMUser to
confirm the username and password is working.<BR>> <BR>> Make sure in
Global Directory the user has the phone setup as the<BR>> controlled
device, and that "Enable CTI Application Use" is checked.<BR>> <BR>> I
ran into this on one user I set it up for and it was a combination<BR>> of
wrong password, and not having enable CTI checked.<BR>> <BR>> On another
user I simply had to reboot for some reason.<BR>> <BR>> Hope that
helps,<BR>> Dane<BR>> <BR>> <BR>> On 8/16/05, Court Schuett <<A
href="mailto:cschuett@hfsnorthamerica.com">cschuett@hfsnorthamerica.com</A>>
wrote:<BR>> > I'm having problems as well. I installed it and
configured everything<BR>> > in it correctly. However, when I go
to the Dialing Properties in<BR>> > Outlook, I don't see an option for
it. All I see are:<BR>> > My Modem<BR>> > IPCONFLINE<BR>>
> H323 Line<BR>> > <BR>> > Outlook 2003<BR>> > Exchange
2003<BR>> > Call Manager 4.0(1)sr2a<BR>> > <BR>> > Any
ideas?<BR>> > <BR>> > Thanks!<BR>> > <BR>> > Court
Schuett<BR>> > <BR>> > 630-909-5560<BR>> > <A
href="mailto:cschuett@hfsna.com">cschuett@hfsna.com</A><BR>> >
-----Original Message-----<BR>> > From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>>
> [mailto:cisco-voip-bounces@puck.nether.net] On Behalf Of<BR>> Ortiz,
Carlos<BR>> > Sent: Tuesday, August 16, 2005 2:26 PM<BR>> > To:
Tech Guy; <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> Subject: RE: [cisco-voip] WebDialer and Outlook<BR>> > <BR>>
> I tried on day to get the Web dialer working but was unsuccessful.
Do<BR>> > you have a specific link/guide that you used. If you can
send it back<BR>> I<BR>> > would appreciate it.<BR>> > <BR>>
> Carlos<BR>> > <BR>> > -----Original Message-----<BR>> >
From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>>
> [mailto:cisco-voip-bounces@puck.nether.net] On Behalf Of<BR>> Tech
Guy<BR>> > Sent: Tuesday, August 16, 2005 2:34 PM<BR>> > To: <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> Subject: Re: [cisco-voip] WebDialer and Outlook<BR>> > <BR>>
> Humm.. care to expand on this? I am unsure what you are referring
to<BR>> > when you say "use the cisco tsp" ?<BR>> > <BR>> >
Dane<BR>> > <BR>> > On 8/16/05, Wes Sisk <<A
href="mailto:wsisk@cisco.com">wsisk@cisco.com</A>> wrote:<BR>> > >
use the cisco TSP to allow dialing from OL address book.<BR>> >
><BR>> > > /Wes<BR>> > ><BR>> > > -----Original
Message-----<BR>> > > From: <A
href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</A><BR>>
> > [mailto:cisco-voip-bounces@puck.nether.net]On Behalf Of<BR>> Tech
Guy<BR>> > > Sent: Tuesday, August 16, 2005 2:04 PM<BR>> > >
To: <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> > Subject: [cisco-voip] WebDialer and Outlook<BR>> >
><BR>> > ><BR>> > > I am reading this cisco press book
"Cisco CallManager Best<BR>> Practices"<BR>> > > and on page 343
it talks about the WebDialer and the ability to have<BR>> a<BR>> >
> Microsoft Outlook address book add-in.<BR>> > ><BR>> >
> I am curious if something like this is out there for free or
what?<BR>> I<BR>> > > was playing with the webdialer today for the
first time, and it was<BR>> > > limited to the global
directory. Just wondering what others have<BR>> done<BR>> >
> if anything with the webdialer.<BR>> > ><BR>> > >
_______________________________________________<BR>> > > cisco-voip
mailing list<BR>> > > <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> > <A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>
> ><BR>> > ><BR>> > <BR>> >
_______________________________________________<BR>> > cisco-voip
mailing list<BR>> > <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> <A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>
> <BR>> > _______________________________________________<BR>>
> cisco-voip mailing list<BR>> > <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> <A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>
> <BR>> > _______________________________________________<BR>>
> cisco-voip mailing list<BR>> > <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
> <A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>
><BR>> <BR>> _______________________________________________<BR>>
cisco-voip mailing list<BR>> <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
<A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>
<BR>> _______________________________________________<BR>> cisco-voip
mailing list<BR>> <A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR>>
<A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR>>
<BR>>
<BR>><BR><BR>_______________________________________________<BR>cisco-voip
mailing list<BR><A
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</A><BR><A
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</A><BR></BLOCKQUOTE></BODY></HTML>