cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
926
Views
0
Helpful
4
Replies
Nirmal Joshi
Enthusiast

NAT Support for Finesse

Hi,

I have a customer who wants VPN less access to Finesse server for agents from remote locations and for home agents.. we are thinking of using NAT here.

Summary of the Architecture: 2 DCs (UCCE Side A and Side B), centralized call termination, VGs in DCs, VXML gateways also in DCs. 9 agent locations connected via MPLS links to DCs, 1 outsourced agent location with 100 agents ( planning to go for mobile agents for outsourced agents)

It is mentioned in the below link that Finesse supports basic NAT between Finesse server and Finesse clients

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/finesse/finesse_1051/release/notes/CFIN_BK_R34A18D2_00_release-notes-for-cisco-finesse-1051/CFIN_BK_R34A18D2_00_release-notes-for-cisco-finesse_chapter_00.html#CFIN_RF_N6A...

I don't have much understanding of security concepts.. so looking for some help here.

1. Does NAT (one to mapping) between Finesse server and Finesse client means, each of the Finesse clients will also need one unique public ip mapped to each of the agent PCs?

2. What are the benefits and drawbacks of using Nating approach instead of using VPN access to Finesse servers?

3. Since it is mentioned that one to many mapping between Finesse servers and Finesse clinets is not supported, need to understand with an example of one to many scenario in contact enter world.

 

Thanks

Nirmal

 

4 REPLIES 4
david.macias
VIP Advocate

This doesn't sound like a good approach at all. While I'm not sure what the security implications might be, VPN is tried and true, so why reinvent the wheel?

 

david

Hi David,

Thanks for looking into this.. sure it does not look like a good approach but want to understand the implications of this approach and since this is supported by Cisco so what's the use case of supporting NAT for Finesse..

 

Thanks

Nirmal 

Looking for quick help here.. can someone else respond who might have seen/done this before?

 

Thanks, Nirmal

 

Hi, we have a similar setup for one of my clients and NAT works for us, for both inshouse and outsource sites which connects to us via the Public.

 

1. Does NAT (one to mapping) between Finesse server and Finesse client means, each of the Finesse clients will also need one unique public ip mapped to each of the agent PCs?

Ans. Why Public IPs? How is that one outsourced company connecting into the DCs network?

2. What are the benefits and drawbacks of using Nating approach instead of using VPN access to Finesse servers?

Ans. We tested both, and I think VPN works better as when they VPN they are technicaly a part of the network and then can access Finesse locally,

3. Since it is mentioned that one to many mapping between Finesse servers and Finesse clinets is not supported, need to understand with an example of one to many scenario in contact enter world.

Ans. One to many is when for eg 10 PCs behinds NAT but they talk to Finesse server as only 1 IP and teh NAT table manages the sessions to these 10 Finesse client PCs. One to One is when every PC gets a NATed IP to talk to outside workd / Finesse.

Kartik

Create
Recognize Your Peers
Content for Community-Ad