1. VPN Needs to terminate on the UC so have the watch guard forward the ports to the UC
2. No VLAD ID can be the same, so long as the subnets are different
3. VLAN ID yes, subnets? No... They must be different, CCA Multi-Site-Manager will take care of all this anyway, it is nit something you have to think about too hard, but they must be different for routing purposes of both calls and data.
4. Yes.... Please make sure to use CCA to built the Multi-Site configuration for all the systems, CCA does it for you in seconds, where doing it by hand (CLI) can take hours if any form of complex call routing is required.
**When you rate a persons post, you are indicating a thank you or that it helped, but at the same time you are also helping to maintain the community spirit - You don't have to rate posts and you wont be looked down upon :) *
In CCA 3.2, which is available now, you can do Multisite without requiring the VPN terminate on the UC. When setting up the remote site, you can choose the Intersite Option to 'Dialing Only'. That way, the VPN can be between the Watchguard firewalls if you want.
I am working on this project in conjunction with another I.T. company.
The other I.T. Company is in charge of the existing 'computer data' network.
I will be in charge of designing and creating the 'voice' network
The Other I.T. Company demands that the existing 'computer data' network exist on its own physical network, separate from the future 'voice' network.
The Other I.T. Company will support this demand by providing a second LAN interface on their Watchguard (ouch) firewalls that will connect to the WAN interfaces of the UC 5xx boxes.
Side Note: Of course the Other I.T. Company will have to provide at least a /30 subnet between the second LAN interface of the Watchguards and the WAN interfaces of the UC5xxes. These subnets are in addition to the "UC5xx DATA" subnet ip's.
Since the existing 'data network', does and will continue to support the pc's, servers, printers, etc, "technically" I will not need a "UC5xx DATA" subnet for my UC5xx.
But I am thinking that I actually DO NEED a 'UC5 xx DATA' subnet for my UC5xx boxes, so I can route voice and other UC-required data between them. <--Please confirm this.
Also, the LAN ports on the UC5xx boxes will terminate to a PoE switch that supports the VOIP phones and the voice subnet. i think that this will also provide 'physical' termination for the 'UC5 xx DATA' interface to bring the DATA subnet interface UP UP (admin UP line Up) <--Please confirm this.