Showing results for 
Search instead for 
Did you mean: 

General Question: Cisco phones across non-Cisco VPN

Setting aside the QoS discussions, is there anything special I should think about with regard to running a Cisco remote phone as a teleworker's house across a hardware-based IPSec tunnel (using something other than ASAs)?  I know I will need to manually set info on the phone.  I'm mainly looking for gotchas with regard to the tunnel itself.  Is it as simple as setting up a standard IPSEC tunnel where no ports are blocked and letting the phone run over that tunnel?


Teleworker Cisco phones across WatchGuard VPN


General Question: Cisco phones across non-Cisco VPN

As long as you have IP connectivity and understand the possible quality issues with no QoS you should be fine, just hard code the network settings (at the least, the tftp settings) on the remote phones.

Rising star

Teleworker Cisco phones across WatchGuard VPN

Hi Kyle

No, nothing special to worry about. You can run this over pretty much any Lan to Lan tunnel (including non Cisco).

You do need to watch out for QoS (which Cisco firewalls can do even over IPSEC). Another one to watch out for is if you have multiple remote offices configured in this way (e.g. home "a" and home "b"). In CUCM environments, audio flows handset to handset so if the phone in home "a" calls the phone in home "b" you also need an IPSec tunnel between the remote offices.

Hope this helps. Barry

Barry Hesk

Intrinsic Network Solutions

Teleworker Cisco phones across WatchGuard VPN

You don't necessarily need a tunnel between the site for the remote phones to be able to call each other depending on the capabilities of the router/firewall.  On an ASA you would use:

same-security-traffic permit

This would allow the VPN traffic to hairpin at the ASA and negate the need for a third tunnel connecting the remote sites.

I'm not sure if your hardware can do this.

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards