cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1569
Views
13
Helpful
9
Replies

SX20 with ACL

smilewonee
Level 1
Level 1

Hi guys,

I got some interesting topic for a discussion.

There are the cases that SX20s deployed on outside of firewall because of security & budget reason.

And with this topology, having a connection among SX20s that are outside of firewall can be even more dangerous. While their private network is still secure.

However, assume that they are using video call with limited participants(always known participants), It could be managed with secure connection.

Thus, we can probably use some function like ACL. ACL is actually included on Cisco router or switch, but I couldn't find anything like this on cisco endpoint so far.(There are similar function on VCS(Managing Zone), etc)

Does anyone have an idea for ACL on SX20? or similar configuration?

or should I proceed Feature Enhancement Request? then would it be appropriate enough to requet?

Best Regards,

Paul

2 Accepted Solutions

Accepted Solutions

The correct place to do the "ACL"ing would be on the firewall/switch/router between the codec and the internet.  You cannot do it on the codec itself.


Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Wayne

Please remember to mark helpful responses and to set your question as answered if appropriate.

View solution in original post

Hi Paul,

ACL is an ordered set of rules that you can use to filter traffic.it tests the packet against the conditions of all rules.

this functions is performed by you network routers and not by endpoints.

SX20 is just an endpoint used for making audio and video conference calls, ACL functionality is not something which it is designed for. ACL funtionality should be on your network routers.

View solution in original post

9 Replies 9

amehla
Cisco Employee
Cisco Employee

Hi Paul,

there is no ACL like configuration on SX20 unit.

is this device is over a public IP address  ?

Yes, you are right. all the SX20s depolyed on our customer site are on a public IP address as they demanded.

hmmm..

Is there any configuration that can take place of ACL?

The correct place to do the "ACL"ing would be on the firewall/switch/router between the codec and the internet.  You cannot do it on the codec itself.


Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Wayne

Please remember to mark helpful responses and to set your question as answered if appropriate.

Thanks for your confirmation.

Best Regards,

Paul

Hey Amit, Could you please explain more why cisco telepresence endpoints(SX20) don't have any function like ACL?

Thank you,

Paul

Hi Paul,

ACL is an ordered set of rules that you can use to filter traffic.it tests the packet against the conditions of all rules.

this functions is performed by you network routers and not by endpoints.

SX20 is just an endpoint used for making audio and video conference calls, ACL functionality is not something which it is designed for. ACL funtionality should be on your network routers.

I appreciate to your kind reply,

But, except ACL functionality, Is anything possible to be implemented for controlling contact list?

Simply the endpoint can not actually block or allow specific incoming call??

Thank you,,

Paul

Hi Paul,

As of now, there is no settings on SX20 to block or allow specific incoming call based in calling number.

it do have DND ( do not disturb) setting but it will block all incoming call.

the above configuration ( filtering incoming calls based on calling number) is configured on infrastructure devices like  CUCM  or VCS.

but currently there is no such settings on endpoints.

Controlling which calls are allowed or not can be implemented in the registar/gatekeeper where the device is registered to.  Call Admission Policy is implemented there, not at the edge device.