<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.gmailquote
{mso-style-name:gmail_quote;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Tech Guy speaks the truth! In his post he has basically summarized
all the trial and tribulations that I have went through over the course of the
last few years here at my company.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Originally we started out with 1x PIX 501 and 1x 7960 doing “test”
calls from a home. In a matter of weeks that ballooned into “deploy PIXes to home
users”, regardless of whether or not they could do any QoS (which they couldn’t).
Later we upgraded to Cisco 831/837 routers doing IPSec with QoS and our performance
was spotty. Some users experiences were great while others perceived jitter as
“problems with the phone system” which of course got escalated up the chain of
management. <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>This year we did yet another upgrade to Cisco 871/877 routers,
increased bandwidth where we could, implemented VLAN’s to separate corporate and
home networks, introduced wireless, maximized our QoS on endpoints, and moved
to the g.729 codec (g.711 was the original way Cisco touted to do it). Things
are getting increasingly better, but as Tech Guy stated, you can “QoS it to
death” (I am stealing this phrase by the way) until you are blue in the face
yet ultimately at the mercy of the provider and Internet.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Matt<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
cisco-voip-bounces@puck.nether.net [mailto:cisco-voip-bounces@puck.nether.net] <b>On
Behalf Of </b>Tech Guy<br>
<b>Sent:</b> Thursday, October 26, 2006 10:53 AM<br>
<b>To:</b> Steve Miller<br>
<b>Cc:</b> cisco-voip@puck.nether.net<br>
<b>Subject:</b> Re: [cisco-voip] Remote 7961 Phone at Someone's House - Notes
forSetup!<o:p></o:p></span></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<div>
<p class=MsoNormal>This is pretty much word for word from the Cisco Mobile
Worker/Office SRND from some years back, it has not been updated in some time,
at least not since I last looked at it personally about a year or so ago.
I guess the one thing I noticed that changed is the router model. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>We deployed about 40 7960's and 837's I believe back
then. It was fairly easy and straight forward. The 837's were
configured with the ezvpn I think, and connected back to cisco concentrator
over a fiber internet connection at the main office. Of course each of
the home users were on cable modems which worked out fine for us. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>Our issues were spotty, and I blame it on the internet
completely. I was against deploying the solution personally, because it
was being deployed to sales and recruiting people who worked independtly all
over the US, they are the heaviest phone users. And yet we were giving
them phone service that we simply could not quarantee, and no one in mgmt could
understand why. They would complain about the quality, ask me about it, I
would tell them the issue time and time again and they didn't want to hear it,
in fact they would tell me how to fix it "upgrade our bandwidth" or
"upgrade their bandwidth" ughhh.. what a nightmare. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>Anyway, the solution is pretty much what they told you and
is simple. Basically configure the router to hand out DHCP to the devices
connected to it, include the TFTP option 150 info of your callmanagers.
Make sure the router can establish a vpn connection back to the main office,
and that you allow the appropriate data to pass obviously. Router boots
up, grabs internet IP on the BVI port I believe, but I don't think it
establishes the VPN tunnel at this point. I think it takes traffic "such
as the phone trying to hit addresses that reside on the VPN" to cause the
vpn tunnel to establish. Anyway, so then phone boots up grabs DHCP from
router, including TFTP.. then trys to hit TFTP and causes vpn tunnel to
establish. Pulls info and registers if you will with callmanager.
You can QoS it to death and it will work to some extent, but ultimately and
obviously your simply at the mercy of the internet. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>Good luck with it. ;-)<br>
<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span class=gmailquote>On 10/25/06, <b>Steve Miller</b> <<a
href="mailto:millerman1@cox.net">millerman1@cox.net</a>> wrote:</span> <o:p></o:p></p>
<p class=MsoNormal> <o:p></o:p></p>
<div>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>The
following is information that I have rec'd regarding the installation of a 7961
at someone's house who is using cable or DSL. Is there anything else that
we might need to think about? Thank you! </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'>Notes from Cisco Engineer:</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:navy'>The remote equipment at the home office would consist of a Cisco
871 router and a Cisco phone with a power block. The Cisco 871 would
function as the home office's firewall and router (and would connect to either
a cable modem or a DSL modem depending on the site). The router would be
configured to have an IPSec tunnel back to the office network (most
likely configured off of your existing concentrator). The remote Cisco
871 would be configured with DHCP and have the TFTP scope option set to tell
all devices the IP address of the Call Manager server (note the router has a
built-in four port switch). </span><o:p></o:p></p>
</div>
<div>
<div>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
At that point, the IP Phone would register normally to the Call Manager servers
using the IPSec tunnel as it's communication path. The keepalives from the
phone to the CM servers would keep the IPSec tunnel up and running 24/7. </span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
The restrictions on this type of deployment are:</span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
-must use G729 codec due to bandwidth restrictions</span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
-extremely limited QoS control since we are going across the Internet</span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
-security policies need to be visited since the remote office would have access
to the corporate internal network (this one is a biggie) </span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
-sub-issue regarding calling from home office to home office. This is
doable but adds additional security and deployment issues. </span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>
-need to consider the standard IT management overhead associated with
supporting home equipment. </span><o:p></o:p></p>
<p> <o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'>Thank
you!</span><o:p></o:p></p>
<p><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:navy'> </span><o:p></o:p></p>
</div>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
_______________________________________________<br>
cisco-voip mailing list <br>
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
<br>
<o:p></o:p></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<P><FONT face=Arial color=#808080 size=1>
<HR>
</FONT></P>
<P><FONT color=#808080><FONT face=Arial size=1>CONFIDENTIALITY STATEMENT<BR>This
communication and any attachments are CONFIDENTIAL and may be protected by one
or more legal privileges. It is intended solely for the use of the addressee
identified above. If you are not the intended recipient, any use, disclosure,
copying or distribution of this communication is UNAUTHORIZED. Neither this
information block, the typed name of the sender, nor anything else in this
message is intended to constitute an electronic signature unless a specific
statement to the contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete this
communication from your computer. Thank you.</FONT> </FONT></P>
<P><FONT color=#808080>
<HR>
</FONT></P>
</body>
</html>