<div dir="ltr"><div>Thanks for the info. we are using the phone proxy appliance and can do both in Unsecure mode. Guess it's not time to upgrade to the ASA Phone Proxy. ;-)</div>
<div> </div>
<div>Scott<br><br></div>
<div class="gmail_quote">On Wed, Sep 24, 2008 at 6:34 AM, c3voip <span dir="ltr"><<a href="mailto:c3voip@nc.rr.com">c3voip@nc.rr.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">It's great you can leave your cluster in non-secure mode, and have the ASA<br>phone proxy do secure mode over the Internet.<br>
<br>There is a way to use it in a non-secure mode for VLAN transversal and that<br>is the only way that IP Communicator is supported.<br><font color="#888888"><br>-C<br></font>
<div>
<div></div>
<div class="Wj3C7c"><br>-----Original Message-----<br>From: Lelio Fulgenzi [mailto:<a href="mailto:lelio@uoguelph.ca">lelio@uoguelph.ca</a>]<br>Sent: Wednesday, September 24, 2008 8:58 AM<br>To: c3voip; 'Dane'; <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
Subject: Re: [cisco-voip] ASA 8.0(4) Phone Proxy w/ CM 4.1(3)<br><br>is it possible to deploy this without the use of certifcates, i.e. in<br>non-secure mode?<br><br><br>----------------------------------------------------------------------------<br>
----<br>Lelio Fulgenzi, B.A.<br>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br><br>----- Original Message -----<br>From: "c3voip" <<a href="mailto:c3voip@nc.rr.com">c3voip@nc.rr.com</a>><br>To: "'Dane'" <<a href="mailto:dane@pktloss.net">dane@pktloss.net</a>>; <<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a>><br>
Sent: Wednesday, September 24, 2008 8:31 AM<br>Subject: Re: [cisco-voip] ASA 8.0(4) Phone Proxy w/ CM 4.1(3)<br><br><br>> Hi Dane,<br>><br>> I successfully got it working with 4.1(3). It is pretty straightforward.<br>
> Just make sure that you import the certificates from your CallManager to<br>> the<br>> ASA. Another gotcha was that you have to generate and install LSC's<br>> (Locally Significant Certificates) for any 7940/7960 phones you want to<br>
> use<br>> with Phone Proxy, so without opening port 2000 you cannot remotely<br>> provision<br>> one of these phones.<br>><br>> I also found out that since IP Communicator doesn't support encryption<br>
> until<br>> CUCM 7.0.1 that Phone Proxy cannot support hard phones and IP Communicator<br>> at the same time.<br>><br>> Let me know if you have any questions.<br>><br>> -C<br>><br>> -----Original Message-----<br>
> From: <a href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</a><br>> [mailto:<a href="mailto:cisco-voip-bounces@puck.nether.net">cisco-voip-bounces@puck.nether.net</a>] On Behalf Of Dane<br>
> Sent: Tuesday, September 23, 2008 4:55 PM<br>> To: <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>> Subject: [cisco-voip] ASA 8.0(4) Phone Proxy w/ CM 4.1(3)<br>><br>> I know there were some previous discussions on the list in the past<br>
> (before 8.0(4)) was released regarding the phone proxy features and<br>> what was supported.<br>><br>> According to what I am reading it appears that CM 4.x is supported.<br>><br>><br><a href="http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/unifi" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/unifi</a><br>
> ed_comm.html#wp1144923<br>><br>> I am running 8.0(4) now on the ASA and notice we have some default<br>> basic license for 2 sessions, which is enough to just get this tested<br>> as a proof of concept.<br>
><br>> Just wondering who out there is in the same boat running 4.1(3) and<br>> has the phone proxy feature of 8.0(4) working? I have not begun<br>> trying to get things to work yet, just doing my reading up on things<br>
> now and it would be nice to bounce questions off of someone with some<br>> experience in this if and when they come up.<br>><br>> Also interested in any caveats or issues (other than licensing) that<br>> might have halted your testing or implementation.<br>
><br>> Regards,<br>> Dane<br>> _______________________________________________<br>> cisco-voip mailing list<br>> <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>> <a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
><br>> _______________________________________________<br>> cisco-voip mailing list<br>> <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>> <a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
><br><br><br>_______________________________________________<br>cisco-voip mailing list<br><a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br><a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
</div></div></blockquote></div><br></div>