<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: verdana,helvetica,sans-serif; font-size: 10pt; color: #000000'><br>Thanks Brian.<br><br>I'm guessing the only things I would have to do is ensure that I have enough MTP resources on the trusted device. I could use the DSP calculator for that.<br><br><br><br><div><span name="x"></span>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst, Network Infrastructure<br>Computing and Communications Services (CCS)<br>University of Guelph<br><br>519‐824‐4120 Ext 56354<br>lelio@uoguelph.ca<br>www.uoguelph.ca/ccs<br>Room 037, Animal Science and Nutrition Building<br>Guelph, Ontario, N1G 2W1<span name="x"></span><br></div><br><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><b>From: </b>"Brian Meade" <bmeade90@vt.edu><br><b>To: </b>"Lelio Fulgenzi" <lelio@uoguelph.ca><br><b>Cc: </b>"Cisco VOIP" <cisco-voip@puck.nether.net><br><b>Sent: </b>Tuesday, February 17, 2015 11:34:22 AM<br><b>Subject: </b>Re: [cisco-voip] trusted relay points<br><br><div dir="ltr">They're basically just MTPs you deem to be "trusted". A lot of people use them for switching between IPv4 and IPv6. Really not anything different than just forcing MTP Required other than maybe just narrowing down the MTP list. Some people use the same setup for VPN phones/IP Communicators over VPN so VPN clients don't have to be able to talk directly to each other.</div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Feb 17, 2015 at 11:28 AM, Lelio Fulgenzi <span dir="ltr"><<a href="mailto:lelio@uoguelph.ca" target="_blank">lelio@uoguelph.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:verdana,helvetica,sans-serif;font-size:10pt;color:#000000"><br>We had a security discussion with our account team, and one thing that was brought up was the concept/feature of trusted relay points.<br><br>There's not much on the subject in the guides, other than saying some MTPs are trusted relay points.<br><br>Our thought was, rather than opening up the voice VLANs to allow media from the data VLANs, we could simply set up the Jabber clients with "trusted relay points" enabled and modify the voice VLAN ACLs to allow access from these trusted relay points. We could either use our PSTN gateways or deploy another set of 2900s for this purpose.<br><br>This would also help us in the short term, I believe, by not having to enable "peer to peer" communications on our wiLAN.<br><br>Any thoughts or pointers to some documents would be fantastic.<br><br>Lelio<br><br><br><div><span></span>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst, Network Infrastructure<br>Computing and Communications Services (CCS)<br>University of Guelph<br><br><a href="tel:519%E2%80%90824%E2%80%904120%20Ext%2056354" target="_blank">519‐824‐4120 Ext 56354</a><br><a href="mailto:lelio@uoguelph.ca" target="_blank">lelio@uoguelph.ca</a><br><a href="http://www.uoguelph.ca/ccs" target="_blank">www.uoguelph.ca/ccs</a><br>Room 037, Animal Science and Nutrition Building<br>Guelph, Ontario, N1G 2W1<span></span><br></div><br></div></div><br>_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
<br></blockquote></div><br></div>
</div><br></div></body></html>