Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1786
Views
0
Helpful
4
Replies

SPA504g remote phone

johnminon
Level 1
Level 1

‎04-20-2011 10:03 AM - edited ‎03-21-2019 03:58 AM

I have a UC540 with an internet connection/firewall and 5 SPA phones on the inside running fine. I want to configure a phone that can be used at a remote site over an internet connection and have an extension on the system. It would be one that you could plug into any internet connection and find the system and register.

I can get into the phone thru a web page and have exported the XML file to a notepad.

I have VPN configured so access to the system from the outside is available.

Is this possible?

And if it is, I would like to get some documnet on how to do this!!

Please let me know if you need more information.

Thanks

John

Labels:
0 Helpful
4 Replies 4

antyeung
Level 4
Level 4

‎04-20-2011 12:38 PM

I don't believe the SPA504G has the built-in SSL VPN client. You may need the 525G instead.

http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps10499/ps11005/data_sheet_c78-603725.html

The Cisco SPA525G2 IP Phone further improves the  user experience with VPN and video surveillance applications. It  includes an embedded AnyConnect Secure Sockets Layer (SSL) VPN client  that allows remote users to securely connect to their phone system and  make calls over the Internet, without the need for additional hardware.

0 Helpful

johnminon
Level 1
Level 1
In response to antyeung

‎04-20-2011 12:53 PM

This does not have to be a secure connection.....Just use the internet as a transport.

Can that be configured in the phone thru staic configuration?

And what ports need to be opened up on the firewall of the UC500?

Thanks

John

0 Helpful

antyeung
Level 4
Level 4
In response to johnminon

‎04-20-2011 02:30 PM

I believe it's possible, but it won't be pretty. I haven't done this before but things you would need to consider to see if it's worth it are-

  • Change the "ip source-address" under telephony-service to be the external interface IP address, as well as change the DHCP pool or internal IP phones reference to the external interface IP instead of the internal one
  • At a minimum you would need to open up port 2000 for the remote phone so that the remote phone can register to CME
  • Any associated ports for phone services (HTTP)
  • You would also have to open up the UDP ports for RTP
  • Since the media path for a call b/w two phones registered to the same CME is directly to each other and not through CME you would need to configure MTP under the ephone for the remote phone.
  • Consider what router/device the remote phone is plugged into or behind. Most likely the remote IP phone is getting a NAT'd address from some home device (Linksys/Netgear/etc.). If that's the case that intermediary device would need to be able to inspect or translate the media IP address/port the phone is advertising in the SCCP message or you'll get no audio.
  • Security concern opening up ports on the external interface
  • etc.

I'm pretty sure this isn't a supported configuration and given the few things mentioned above it may be easier to go w/ the supported SSL VPN remote teleworker setup so that you can also get support on it from TAC.

0 Helpful

testeven
Cisco Employee
Cisco Employee

‎04-20-2011 01:56 PM

Hi,

Have you checked the Teleworker Setup document below?

http://www.cisco.com/en/US/docs/voice_ip_comm/sbcs/hardware/quick/guide/uc5_tele.html

HTH!

Regards,

Tere.

Regards, Tere. If you find this post helpful, please rate! :)
0 Helpful
Customers Also Viewed These Support Documents