<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor=white lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Yes, it does. <o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> Miller, Steve
[mailto:MillerS@DicksteinShapiro.COM] <br>
<b>Sent:</b> Thursday, May 07, 2009 3:10 PM<br>
<b>To:</b> Matt Slaga (US); Wes Sisk; Jason Burns<br>
<b>Cc:</b> Cisco VOIP; Matthew Loraditch<br>
<b>Subject:</b> RE: [cisco-voip] Deploying 7961 Phones Remotely with ASA5500?<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
color:blue'>Does the corp directory work?</span><span style='color:windowtext'><o:p></o:p></span></p>
<div>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
</div>
<p><strong>Steve Miller</strong><br>
Telecom Engineer<br>
Dickstein Shapiro LLP<br>
1825 Eye Street NW | Washington, DC 20006<br>
Tel (202) 420-3370| Fax (202) 330-5607<br>
<a href="mailto:MillerS@dicksteinshapiro.com">MillerS@dicksteinshapiro.com</a><span
style='font-family:"Arial","sans-serif"'> </span><o:p></o:p></p>
<div>
<p class=MsoNormal><span style='color:windowtext'> <o:p></o:p></span></p>
</div>
<p class=MsoNormal><span style='color:windowtext'><o:p> </o:p></span></p>
<div class=MsoNormal align=center style='text-align:center'><span
style='color:windowtext'>
<hr size=2 width="100%" align=center>
</span></div>
<p class=MsoNormal style='margin-bottom:12.0pt'><b><span style='font-size:10.0pt;
font-family:"Tahoma","sans-serif";color:windowtext'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'>
Matt Slaga (US) [mailto:Matt.Slaga@us.didata.com] <br>
<b>Sent:</b> Thursday, May 07, 2009 3:07 PM<br>
<b>To:</b> Wes Sisk; Jason Burns<br>
<b>Cc:</b> Cisco VOIP; Matthew Loraditch; Miller, Steve<br>
<b>Subject:</b> RE: [cisco-voip] Deploying 7961 Phones Remotely with ASA5500?</span><span
style='color:windowtext'><o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I’m assuming the ASA is going to run PhoneProxy. At home,
I have a 7960 plugged into a Linksys WRT54 that works just fine. No DMZ
or port forwarding is configured. We’ve been running the phoneproxy since
it was Metreos with mixed results. Been really solid though on the ASA.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif";
color:windowtext'>From:</span></b><span style='font-size:10.0pt;font-family:
"Tahoma","sans-serif";color:windowtext'> cisco-voip-bounces@puck.nether.net
[mailto:cisco-voip-bounces@puck.nether.net] <b>On Behalf Of </b>Wes Sisk<br>
<b>Sent:</b> Thursday, May 07, 2009 2:56 PM<br>
<b>To:</b> Jason Burns<br>
<b>Cc:</b> Cisco VOIP; Matthew Loraditch; Miller, Steve<br>
<b>Subject:</b> Re: [cisco-voip] Deploying 7961 Phones Remotely with ASA5500?<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>Hmm, I'm going to need a little
more convincing on this one.<br>
<br>
phone1----------homerouter-----------ASA--(typical enterprise with cm)--phone2<br>
10.10.11.2 10.10.11.1 10.10.10.76 <br>
*homerouter doubles as a firewall as is common<br>
<br>
In the ORCAck that leaves phone1 offers to receive audio on 10.10.11.2 port
33333.<br>
homerouter is blissfully unaware of SCCP so passes the IP datagram along after
rewriting IP headers for the 10.10.10.76 network<br>
this gets through ASA with any translation it does, then on to CM, then on to
phone2.<br>
<br>
phone2 begins to transmit audio. Audio goes to the IP:Port fixed up by
ASA. ASA rewrites IP and UDP and passes along back toward home router.<br>
<br>
Now comes the challenge. homerouter never knew it should listen on port
33333. It would have to be SCCP aware to do that. It would have to
be SCCP aware to rewrite that to any other port number.<br>
<br>
So the audio via RTP/UDP/IP is back to the "outside" interface of
homerouter, but how does it get through to phone1?<br>
<br>
/Wes<br>
<br>
<br>
On Thursday, May 07, 2009 10:47:36 AM, Jason Burns <a
href="mailto:burns.jason@gmail.com"><burns.jason@gmail.com></a> wrote:<o:p></o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>Ryan,<br>
<br>
Even though the IP Phone would be embedding it's own private IP address inside
of SCCP ORCAck messages, the ASA Phone Proxy feature would know the message was
really sourced from the public IP. The Phone Proxy would handle that, so that
the Linksys doesn't have to worry about SCCP fixup.<br>
<br>
One important caveat is that with PAT, not al homel routers support a TFTP
Client connection like the phone tries to do to the ASA Phone Proxy.<br>
<br>
TFTP is destined to UDP port 69 for the initial Read Request, then a new
connection on an ephemeral port is negotiated, and not all home routers know to
look for this to open the new UDP Port.<br>
<br>
If you run into TFTP problems you will have to configure the IP Phone's IP to
be in the DMZ so that all ports get forwarded to the IP Phone.<br>
<br>
So, the short answer is that just about any home router should work with the
ASA Phone Proxy. Provided you're on the very latest ASA code (as PhoneProxy is
still a very new product).<o:p></o:p></p>
<div>
<p class=MsoNormal>On Thu, May 7, 2009 at 10:29 AM, Ryan Ratliff <<a
href="mailto:rratliff@cisco.com">rratliff@cisco.com</a>> wrote:<o:p></o:p></p>
<p class=MsoNormal>Your Linksys router is going to be doing NAT/PAT and I'm
pretty confident they don't support SCCP fixup. You will need the phone
to either be in the DMZ or have a vpn tunnel behind the Linksys.<br>
<br>
-Ryan <o:p></o:p></p>
<div>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
<br>
On May 7, 2009, at 10:12 AM, Miller, Steve wrote:<br>
<br>
Yes. I am just trying to make sure that there is nothing other than generic
router (Linksys or whatever someone would normally have in their home) and the
phone which are necessary to work with the the ASA55XX back at the network
site. We have been using VPN3002 boxes which are expensive and sometimes
problematic to set up/program. Thank you for your feedback!<br>
<br>
Steve Miller<br>
Telecom Engineer<br>
Dickstein Shapiro LLP<br>
1825 Eye Street NW | Washington, DC 20006<br>
Tel (202) 420-3370| Fax (202) 330-5607<br>
<a href="mailto:MillerS@dicksteinshapiro.com" target="_blank">MillerS@dicksteinshapiro.com</a><br>
<br>
<br>
<br>
From: Matthew Loraditch [mailto:<a
href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>]<br>
Sent: Thursday, May 07, 2009 10:08 AM<br>
To: Miller, Steve; Cisco VOIP<br>
Subject: RE: Deploying 7961 Phones Remotely with ASA5500?<br>
<br>
What do you mean by necessary? If you can get your Linksys to setup a vpn
tunnel then yes<br>
<br>
<br>
<br>
<br>
<br>
Matthew Loraditch<br>
1965 Greenspring Drive<br>
<br>
Timonium, MD 21093<br>
<a href="mailto:support@heliontechnologies.com" target="_blank">support@heliontechnologies.com</a><br>
(p) (410) 252-8830<br>
(F) (443) 541-1593<br>
<br>
Visit us at <a href="http://www.heliontechnologies.com" target="_blank">www.heliontechnologies.com</a><br>
Support Issue? Email <a href="mailto:support@heliontechnologies.com"
target="_blank">support@heliontechnologies.com</a> for fast assistance!<br>
<br>
<br>
<br>
From: Miller, Steve [mailto:<a href="mailto:MillerS@DicksteinShapiro.COM"
target="_blank">MillerS@DicksteinShapiro.COM</a>]<br>
Sent: Thursday, May 07, 2009 10:05 AM<br>
To: Matthew Loraditch<br>
Subject: Re: Deploying 7961 Phones Remotely with ASA5500?<br>
<br>
<br>
<br>
Thanks. Only the phone is necessary, correct?<br>
<br>
<br>
Steve Miller<br>
Telecom Engineer<br>
Dickstein Shapiro LLP<br>
1825 Eye Street NW<br>
Washington, DC 20006<br>
Tel (202) 420-3370<br>
Fax (202)-330-5607<br>
<a href="mailto:millers@dicksteinshapiro.com" target="_blank">millers@dicksteinshapiro.com</a><br>
<br>
From: Matthew Loraditch<br>
To: Miller, Steve; Cisco VOIP<br>
Sent: Thu May 07 09:45:41 2009<br>
Subject: RE: Deploying 7961 Phones Remotely with ASA5500?<br>
<br>
Only the hardware needed to establish connectivity back to the cluster (VPN or
direct via a t-1 or other circuit), and provide power for the phone.<br>
<br>
You could use an ASA5505 and that does poe and the vpn tunnel all in one<br>
<br>
<br>
<br>
<br>
<br>
Matthew Loraditch<br>
1965 Greenspring Drive<br>
<br>
Timonium, MD 21093<br>
<a href="mailto:support@heliontechnologies.com" target="_blank">support@heliontechnologies.com</a><br>
(p) (410) 252-8830<br>
(F) (443) 541-1593<br>
<br>
Visit us at <a href="http://www.heliontechnologies.com" target="_blank">www.heliontechnologies.com</a><br>
Support Issue? Email <a href="mailto:support@heliontechnologies.com"
target="_blank">support@heliontechnologies.com</a> for fast assistance!<br>
<br>
<br>
<br>
From: <a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>
[mailto:<a href="mailto:cisco-voip-" target="_blank">cisco-voip-</a><a
href="mailto:bounces@puck.nether.net" target="_blank">bounces@puck.nether.net</a>]
On Behalf Of Miller, Steve<br>
Sent: Thursday, May 07, 2009 9:34 AM<br>
To: Cisco VOIP<br>
Subject: [cisco-voip] Deploying 7961 Phones Remotely with ASA5500?<br>
<br>
<br>
<br>
Simple question:<br>
<br>
<br>
<br>
What hardware is required (if any) at the remote location to allow a Cisco
phone to work? My understanding was that hardware was unnecessary....that
the phone could just hang off a regular Linksys router at a person's home.
Please advise. Thank you!<br>
<br>
<br>
<br>
Steve Miller<br>
Telecom Engineer<br>
Dickstein Shapiro LLP<br>
1825 Eye Street NW | Washington, DC 20006<br>
Tel (202) 420-3370| Fax (202) 330-5607<br>
<a href="mailto:MillerS@dicksteinshapiro.com" target="_blank">MillerS@dicksteinshapiro.com</a><br>
<br>
<o:p></o:p></p>
</div>
</div>
<p class=MsoNormal>--------------------------------------------------------This
e-mail message and any attached files are confidential and are intended solely
for the use of the addressee(s)named above. This communication may contain
material protected by attorney-client, work product, or other privileges. If
you are not the intended recipient or person responsible for delivering this
confidentialcommunication to the intended recipient, you have received this
communication in error, and any review, use, dissemination, forwarding,
printing, copying, or other distribution of this e-mail message and any
attached files is strictly prohibited. Dickstein Shapiro reserves the right to
monitor any communication that is created, received, or sent on its network.
If you have received this confidential communication in error, please
notify the sender immediately by reply e-mail message and permanently delete
the original message. To reply to our email administrator directly, send
an email to <a href="mailto:postmaster@dicksteinshapiro.com" target="_blank">postmaster@dicksteinshapiro.com</a>
Dickstein Shapiro LLPhttp://<a href="http://www.DicksteinShapiro.com"
target="_blank">www.DicksteinShapiro.com</a> ==============================================================================--------------------------------------------------------This
e-mail message and any attached files are confidential and are intended solely
for the use of the addressee(s)named above. This communication may contain
material protected by attorney-client, work product, or other privileges. If
you are not the intended recipient or person responsible for delivering this
confidentialcommunication to the intended recipient, you have received this
communication in error, and any review, use, dissemination, forwarding,
printing, copying, or other distribution of this e-mail message and any
attached files is strictly prohibited. Dickstein Shapiro reserves the right to
monitor any communication that is created, received, or sent on its network.
If you have received this confidential communication in error, please
notify the sender immediately by reply e-mail message and permanently delete
the original message. To reply to our email administrator directly, send
an email to <a href="mailto:postmaster@dicksteinshapiro.com" target="_blank">postmaster@dicksteinshapiro.com</a>
Dickstein Shapiro LLPhttp://<a href="http://www.DicksteinShapiro.com"
target="_blank">www.DicksteinShapiro.com</a> ==============================================================================
<o:p></o:p></p>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
<br>
-------------------------------------------------------- This e-mail message
and any attached files are confidential and are intended solely for the use of
the addressee(s) named above. This communication may contain material protected
by attorney-client, work product, or other privileges. If you are not the
intended recipient or person responsible for delivering this confidential
communication to the intended recipient, you have received this communication
in error, and any review, use, dissemination, forwarding, printing, copying, or
other distribution of this e-mail message and any attached files is strictly
prohibited. Dickstein Shapiro reserves the right to monitor any communication
that is created, received, or sent on its network. If you have received this
confidential communication in error, please notify the sender immediately by
reply e-mail message and permanently delete the original message. To reply to
our email administrator directly, send an email to <a
href="mailto:postmaster@dicksteinshapiro.com" target="_blank">postmaster@dicksteinshapiro.com</a>
Dickstein Shapiro LLP <a href="http://">http://</a><a
href="http://www.DicksteinShapiro.com" target="_blank">www.DicksteinShapiro.com</a>
==============================================================================<o:p></o:p></p>
</div>
<p class=MsoNormal>_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
<br>
_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><o:p></o:p></p>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><o:p> </o:p></p>
<pre><o:p> </o:p></pre><pre style='text-align:center'><o:p> </o:p></pre><pre
style='text-align:center'>
<hr size=4 width="90%" align=center>
</pre><pre style='text-align:center'><o:p> </o:p></pre><pre
style='text-align:center'><o:p> </o:p></pre><pre><o:p> </o:p></pre><pre>_______________________________________________<o:p></o:p></pre><pre>cisco-voip mailing list<o:p></o:p></pre><pre><a
href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><o:p></o:p></pre><pre><a
href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</a><o:p></o:p></pre><pre> <o:p></o:p></pre>
<p class=MsoNormal><o:p> </o:p></p>
<div class=MsoNormal align=center style='text-align:center'><span
style='color:windowtext'>
<hr size=1 width="100%" align=center>
</span></div>
<p><strong>Disclaimer: This e-mail communication and any attachments may
contain confidential and privileged information and is for use by the
designated addressee(s) named above only. If you are not the intended
addressee, you are hereby notified that you have received this communication in
error and that any use or reproduction of this email or its contents is
strictly prohibited and may be unlawful. If you have received this
communication in error, please notify us immediately by replying to this
message and deleting it from your computer. Thank you. </strong><o:p></o:p></p>
<pre>--------------------------------------------------------<o:p></o:p></pre><pre>This e-mail message and any attached files are confidential and are intended solely for the use of the addressee(s)<o:p></o:p></pre><pre>named above. This communication may contain material protected by attorney-client, work product, or other <o:p></o:p></pre><pre>privileges. If you are not the intended recipient or person responsible for delivering this confidential<o:p></o:p></pre><pre>communication to the intended recipient, you have received this communication in error, and any review, use, <o:p></o:p></pre><pre>dissemination, forwarding, printing, copying, or other distribution of this e-mail message and any attached files <o:p></o:p></pre><pre>is strictly prohibited. Dickstein Shapiro reserves the right to monitor any communication that is created, <o:p></o:p></pre><pre>received, or sent on its network. If you have received this confidential communication in error, please notify the <o:p></o:p></pre><pre>sender immediately by reply e-mail message and permanently delete the original message. <o:p></o:p></pre><pre><o:p> </o:p></pre><pre>To reply to our email administrator directly, send an email to postmaster@dicksteinshapiro.com<o:p></o:p></pre><pre><o:p> </o:p></pre><pre>Dickstein Shapiro LLP<o:p></o:p></pre><pre>http://www.DicksteinShapiro.com<o:p></o:p></pre><pre><o:p> </o:p></pre><pre>==============================================================================<o:p></o:p></pre></div>
</body>
</html>
<HTML><BODY><P><hr size=1></P>
<P><STRONG>
Disclaimer:
This e-mail communication and any attachments may contain confidential and privileged information and is for use by the designated addressee(s) named above only. If you are not the intended addressee, you are hereby notified that you have received this communication in error and that any use or reproduction of this email or its contents is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer. Thank you.
</STRONG></P></BODY></HTML>