<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>IOS access-lists to hide callmanager/unity/personal assistant?</TITLE>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.5700.6" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=234242113-16102006><FONT face=Arial
color=#0000ff size=2>The best way to allow direct sql access is to enable mixed
mode authentication (SA and Windows Authentication).
</FONT></SPAN></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> cisco-voip-bounces@puck.nether.net
[mailto:cisco-voip-bounces@puck.nether.net] <B>On Behalf Of </B>Ray
Burkholder<BR><B>Sent:</B> Friday, October 13, 2006 1:06 PM<BR><B>To:</B>
cisco-voip@puck.nether.net<BR><B>Subject:</B> Re: [cisco-voip] IOS access-lists
tohidecallmanager/unity/personalassistant?<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=695220317-13102006><FONT face=Arial color=#0000ff size=2>The only issue
with this is that there is a recommendation out there to make the server join
the domain when one wants to access SQL directly for generating reports,
otherwise one gets into SQL authentication issues, of which I've forgotten all
the in's and out's, but is/was something I've been struggling with. Unless
someone else has some good suggestions as to how to get to SQL from domain
workstations for the benefit of generating custom
reports.</FONT></SPAN></FONT></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> cisco-voip-bounces@puck.nether.net
[mailto:cisco-voip-bounces@puck.nether.net] <B>On Behalf Of </B>Matt Slaga
(US)<BR><B>Sent:</B> Friday, October 13, 2006 14:01<BR><B>To:</B> Voigt Thomas;
cisco-voip@puck.nether.net<BR><B>Subject:</B> Re: [cisco-voip] IOS access-lists
to hidecallmanager/unity/personalassistant?<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=546285816-13102006><FONT face=Arial
color=#0000ff size=2>I would strongly suggest that you keep your cisco servers
(outside of unity) in a workgroup. If you look at all of your upgrade
requirements, you have to remove and readd the server to the domain for each
upgrade. If you are lucky you have access to add/remove machines to a
domain, if not you have to use a server engineer with any upgrade. TAC can
also ask you to remove the server from a domain in troubleshooting
issues.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=546285816-13102006><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=546285816-13102006><FONT face=Arial
color=#0000ff size=2>The "benefits" you receive from adding a cisco server to a
domain do not add up to the benefits of keeping it out of the
domain.</FONT></SPAN></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> cisco-voip-bounces@puck.nether.net
[mailto:cisco-voip-bounces@puck.nether.net] <B>On Behalf Of </B>Voigt
Thomas<BR><B>Sent:</B> Friday, October 13, 2006 8:40 AM<BR><B>To:</B>
cisco-voip@puck.nether.net<BR><B>Subject:</B> [cisco-voip] IOS access-lists to
hide callmanager/unity/personalassistant?<BR></FONT><BR></DIV>
<DIV></DIV><!-- Converted from text/rtf format -->
<P><FONT face=Arial size=2>Hi all!</FONT> </P>
<P><FONT face=Arial size=2>Has anyone experiences with IOS access-lists to hide
the Cisco servers from the other clients in the net?</FONT> </P>
<P><FONT face=Arial size=2>Our server guys tell us to migrate our servers to
their active directory (which should be no problem) and also to their
</FONT></P>
<P><FONT face=Arial size=2>security concept which includes distributing
Microsoft patches to the servers. This is not allowed by Cisco…</FONT> </P>
<P><FONT face=Arial size=2>So we have to hide our Cisco gear with access lists
to have only contact with the ip phones and other neccessary </FONT><BR><FONT
face=Arial size=2>communications.</FONT> </P>
<P><FONT face=Arial size=2>I know that there are documents at CCO that document
the ports used by CCM, UNITY and PA. But are there </FONT><BR><FONT face=Arial
size=2>access lists anywhere which we could use?</FONT> </P><BR>
<P><FONT face=Arial size=2>-- </FONT><BR><FONT face=Arial size=2>With kind
regards</FONT> </P>
<P><FONT face=Arial size=2>Thomas Voigt</FONT> <BR><FONT face=Arial
size=2> </FONT> </P><BR>-- <BR>Scanned for viruses & dangerous content
at <A href="http://www.oneunified.net">One Unified</A> and is believed to be
clean.
<P>
<HR SIZE=1>
<P></P>
<P><STRONG>Disclaimer: This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the designated
addressee(s) named above only. If you are not the intended addressee, you are
hereby notified that you have received this communication in error and that any
use or reproduction of this email or its contents is strictly prohibited and may
be unlawful. If you have received this communication in error, please notify us
immediately by replying to this message and deleting it from your computer.
Thank you. </STRONG></P><BR>-- <BR>Scanned for viruses & dangerous content
at <A href="http://www.oneunified.net">One Unified</A> and is believed to be
clean. <BR>-- <BR>Scanned for viruses & dangerous content at <A
href="http://www.oneunified.net">One Unified</A> and is believed to be clean.
</BODY></HTML>
<HTML><BODY><P><hr size=1></P>
<P><STRONG>
Disclaimer:
This e-mail communication and any attachments may contain confidential and privileged information and is for use by the designated addressee(s) named above only. If you are not the intended addressee, you are hereby notified that you have received this communication in error and that any use or reproduction of this email or its contents is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer. Thank you.
</STRONG></P></BODY></HTML>