Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2533
Views
0
Helpful
3
Replies

CUCM 8.02 and cisco 7960 ip phone registration going thru internet

warquezho0612
Level 1
Level 1

‎05-05-2011 05:53 AM - edited ‎03-16-2019 04:49 AM

Is this even possible? I'm trying to register one thru SIP but it doesn't register! Is this doable? On what protocol SIP or SCCP? If SIP then what is the correct settings in the IP Phone for this? Like does it needs to get its files (tftp) on the CUCM going to the Internet? Is the proxy address the public address of the CUCM (staticaly NATed private address of cucm so it can be seen publicly)? What settings do I need?

Just an FYI, I managed to register a TANBERG (video device) to cucm via SIP, it's the cisco ip phones I can't register, need an expert advice

Thanks!

1 person had this problem
Labels:
0 Helpful
3 Replies 3

Steven Holl
Cisco Employee
Cisco Employee

‎05-11-2011 08:25 AM

Yes this can be done.  Most people use  VPN tunnel to connect the remote site to the CUCM site, so that CUCM isn't open to the Internet and so voice payloads is encrypted.  With VPN, it's no different from LAN registration, from a voice perspective.

ASA phone proxy is a good solution for this if you'll have multiple phones.

SIP and SCCP will both work.  You need to open up TFTP (UDP/69), and SCCP (TCP/2000) or SIP (TCP or UDP/5060).

If you are NATting, the NAT device needs to be VoIP aware (at least for SIP).  The firewall also needs to be VoIP aware to open up the RTP ports being used for the call (UDP 16384-32767).  If your NAT/firewall devices aren't Cisco, you won't be able to use SCCP.

Finally, the phone needs to have alternate TFTP server set to the CUCM public IP that points to a node with TFTP running.

And you'll want QoS configured on the device with the WAN connection.  outbound shaper @ upload speed, and a priority queue for RTP nested inside of that.

0 Helpful

warquezho0612
Level 1
Level 1
In response to Steven Holl

‎05-11-2011 09:34 AM

A very well explained reply. VPN is by far the number 1 choice I can see here, ASA phone proxy is second as I read and according to my friend that he already implemented it (just that I don't have access to our ASA right now so...), the one thing I'm interested with although I know that it is not secure is thru NAT,

What are the requirements for this? The setup I've made to test if phone can register going thru the internet was to statically nat the CUCM server to a pub lic address, now I set my ip phone at home without any ports being denied to point its TFTP to the nat'ed public ip address of the CUCM, hence it still can't even register, what do you think are the reasons?

Thanks!

0 Helpful

Purna Wijenayaka
Level 1
Level 1
In response to warquezho0612

‎02-08-2013 11:42 AM

HI ,

I am having the same problem ,what option is the best ?

1.0 NATTED public IP for the CUCM ?

2.0 use built-in VPN in phone models like 7942G ?

3.0 Phone - proxy method ?

Please advice ,

Thanks

Purna

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents