Martin

Its a standalone deployment with no registration to either the VCS-E or CUCM and to be used for non registered calls over  IP

what should be the exact configuration on the codec for this

eg

dsl router public address = 88.66.55.33

codec ip address (private) = 192.168.1.10

hmm, that should not have been endorsed, ... anyhow, it does not matter, you can also run it on dynamic,

but then you need more ports.

You need to have a mapping of these ports 1:1 for all or n:n for just some, but at least the port on the

public ip needs to be forwarded to the internal ones.

If you use 1:1 please use secure passwords on your system and think of disabling services which

you do not need (http(s)/telenet/ssh) and see that you can block these unused ports in the firewall).

Important is that the router is not trying to do any magic on the h323 packages or mangles timeouts.

Please remember to rate helpful responses and identify helpful or correct answers.

Will check this out and let you know how it goes

thanks again

As Martin said, you can configure your ADSL router to forward only the specific ports to your EX90, or configure to perform NAT 1 to 1. If am not wrong, you will find some option called "DMZ" or something like that, this is normally related to NAT 1 to 1. I would recommend using port forwarding instead of NAT 1 to 1, just because you can avoid external users to access the managment ports (HTTP, SSH, SNMP and so on). Or you can configure NAT 1 to 1 and configure your ADSL router to block certain ports, if it has built-in firewall feature.

It would be great if the Cisco telepresence endpoints had support for UPNP protocol, so that they would be able to dynamically ask the router to open and redirect the proper ports, without needing to make manual configuration on the router itself, just like Skype, Utorrent and so many other programs do.

Maybe Cisco has not implemented this feature because this kind of deployment is not common, as the telepresence solution is more related to corporative environments, even the desktop endpoints.

Regards

Paulo Souza

Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Paulo, nice to see you back again ;-)

Besides the fact that I dislike upnp due to various security issues on the devices using it,

there is an option on at lest the EX90 and its there for some software versions now.

As its experimental there is not much documentation, but if you check the experimental section

of the EX90:

xconfiguration Experimental NetworkServices UPnP ?
*? xConfiguration Experimental NetworkServices UPnP Mode: 
*? xConfiguration Experimental NetworkServices UPnP Timeout: <0..3600>

I prefer to use port forwards for the specific used ports.

Or much better, use the EX90 and register it to a VCS-E or in the future Expressway Edge

Please remember to rate helpful responses and identify helpful or correct answers.

Hey Martin,

Thanks for your reply. Have you already tested this supposed UPNP feature? Now I am curious about that, as I was not aware about UPNP support for tandberg endpoints.

I agree with you, as I said, port forwarding is the best option indeed.

Regards

Paulo Souza

Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Hi Paulo,

The UPNP support has been there for a long time (it was available in TC4.1).  It's always been in the "Experimental" section, so isn't something that I'd necessarily rely on in a prodoction environment, but could be worth a try to see if it assists.

Wayne

--

Please remember to rate responses and to mark your question as answered if appropriate.

Thanks Martin

i was able to make it work with your suggestions.