Unanswered Question
Aug 24th, 2007
User Badges:
  • Gold, 750 points or more

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get an update with Cisco expert Mohammed Ahmed about the Cisco Unified Communications for the Small and Medium Business. Mohammed Ahmed is a product manager in the Access Routing Technology Group (ARTG) responsible for the Cisco Unified Communications 500 Series product line for small and midsized business market, a key platform of the Cisco Smart Business Communications System. He has been with Cisco since 2005 in the ARTG's Voice Marketing team and has been instrumental in driving the product definition, packaging, and a timely introduction of this product family to the market.

Remember to use the rating system to let Mohammed know if you have received an adequate response.

Mohammed might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through September 7, 2007. Visit this forum often to view responses to your questions and the questions of other community members.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.1 (9 ratings)
uniccnp Sat, 08/25/2007 - 03:39
User Badges:

We would like to have multi-homing internet connections from two different ISPs. We also have 14 Pub IPs from both the ISPs. We haveused static NAT for few servers. what solutions is availale for us to use multi-homing connections and wich also supports Static NAT from two different IP subnets.

Thanks you,

moahmed Mon, 08/27/2007 - 10:17
User Badges:
  • Cisco Employee,

Not knowing all the details, it is hard to answer. Assuming that there are 2 separate physical internet connections then I would recommend using an ISR as NAT + multiple ISP connections. If there is one physical connection but 2 logical links to the ISPs then you need to be careful with the NAT setup.

dreamcom-07 Tue, 08/28/2007 - 03:35
User Badges:

Dear Mr Mohammed,

it's possible to route phone calls over internet between two UC520?

Example we have two different office location, it's possible to call and transfer call over internet between this two locations?

On each location we have planned to install UC520. Or we need to use Cisco Router 2800 Series for that?

moahmed Tue, 08/28/2007 - 08:55
User Badges:
  • Cisco Employee,

UC500 supports secure networking (via VPN tunnels) between sites using the borabband connectivity from an ISP. You can set-up dialpeers pointing to the remote UC500, enabling a dial-plan between the two locations for call transfer and inter site communiactions.

As long as you have a broadband connection (via DSL modem, etc) at these two locations, you do not need additional router.

dreamcom-07 Tue, 08/28/2007 - 09:00
User Badges:

Thanks for the replay. It's any different between Cisco 2800 Series and UC500 Series in routing call option? It's the option by UC500 a light version?

moahmed Tue, 08/28/2007 - 09:49
User Badges:
  • Cisco Employee,

From a stand-alone deployment point of view, the Cisco ISRs (28xx & 38xx) and UC500 products leverages the same Cisco Communications Manager Express (aka CCME) solution. CCME is a IOS based call control solution. So from call control point of view, the funcitonlaity is identical.

For larger enterprise deployments, we also offer central call contol solution based on our Cisco Communcations Manager solution. With this type of deployments, the ISRs are used to provide routing/PSTN-trunking support in addition to acting as a Survivable gateway in case the WAN connection providing the central call control is down.

dreamcom-07 Tue, 08/28/2007 - 11:16
User Badges:

Thanks for your replay. We evaluate a new phone communication system for our company and subsidiary companys. We don't have much employees on each location. So from this view UC500 series is okay (i hearted that US500 series will support soon 48 users).

But from possibility view we are not sure if we want to choice Cisco ISR 28xx series or UC500 series.

What is your opinion?

- We have four locations (TW, DE, FR, CH & IT)

- We have one worldwide IT department wich have access over intranet to all locations

Which group support we need from communication system:

- Internal calling between locations over internet connection (Broadband DSL and standalone internet lines) by direct extension number.

- If one location don't answering a call, the call will be forwarded to another location

- If one staff work for a small time frame for a project in a different location, it's possible to available on the same number as the normal workplace number?

Sorry that I ask this. But we tried to get more support from Europe Cisco's manager. But they told us that UC500 is a new product and they don't have any experience now.

Thank you very much

moahmed Wed, 08/29/2007 - 13:14
User Badges:
  • Cisco Employee,

This can be done using four UC500 systems.

You would need to set-up permanent site-to-site fully meshed VPN between those 4 sites. This has to be done via IOS CLI (Multi-site network configuration is a roadmap item for Cisco Configuration Assistant).

For item 1 and 2 - once VPN is set up, you would need to configure static dial-peers to route the calls. So for example you can select a number range to point to the remote UC500 system's IP address.

My suggestion here would be to have a leading digit of the extension matched to the site number. For example, 3xx means extension at site 3 and so forth. You can also do 31xx, 32xx, 33xx, 34xx for your 4 locations.

You can find additional info in the "Cisco Unified CallManager Express Solution Reference Network Design Guide" located at

For item3, we can configure call forward all on their normal workplace phone to the extension at a different location.

Hope this helps.

dreamcom-07 Wed, 08/29/2007 - 13:39
User Badges:

Thank you very much for your great feedback. I have only one open last issue. I can't open your link because we are not cisco partner (we are customer).

Thanks you for your great support.

gjergjimulla Thu, 08/30/2007 - 05:01
User Badges:


i'm looking forward to buy cisco switchs ws-ce500-24TT.

i want to ask if the above switches can be configured from CLI (command line)?

i read some comments in web that preted that the only way to configure this model of switch is the GUI (graphic user interface)

waiting forward to receive a response from you

best regards

Gjergji Mulla

Emporiki Bank - Albania

[email protected]

moahmed Thu, 08/30/2007 - 17:42
User Badges:
  • Cisco Employee,

Cisco's Catalyst Express 500 and 520 family can be managed via the Cisco Configuration Assistant or Cisco Netowrk Assistant GUI based tool only. No CLI access is enabled/provided with these switches.

gjergjimulla Fri, 08/31/2007 - 01:26
User Badges:

Thanks for the answer.

i want your advice. which is the most approriate cisco switch that support vlans, can be configured with CLI (Command Line Interface) and also low cost. this switch will be used in a bank branch with 5 emplowees but in it will be configured different vlans (domain vlan, ATM vlan etc)


best regards

joshuamarsh Thu, 08/30/2007 - 14:00
User Badges:


Is it possible to put a 1MFT T1/E1 card into the VIC slot and use it as a 4 to 8 channel, fractional T1 trunk? If so, would the GUI be able to accommodate the config, or would you need to revert to the CLI?

Thank you,


moahmed Thu, 08/30/2007 - 17:50
User Badges:
  • Cisco Employee,

Hi Joshua, we have enabled support for T1/E1 (or fractional) on all UC500 SKUs earlier due to market needs/requirement. Initially, this would require CLI based configuration and we plan to provide an application note for partners to configure this via CLI session.

With our upcoming release of Cisco Configuration Assistant 1.5, we will enable the configuration of the T1/E1 card via a CCA's GUI.

Yamin Prabudy Fri, 08/31/2007 - 00:24
User Badges:

Hi Moahmed,

If UC500 support T1/E1 card, how many channel can we used? I heard that in UC500 we can't add any additional DSP module.

moahmed Tue, 09/04/2007 - 10:58
User Badges:
  • Cisco Employee,

We have factored in the "likely" worst case sceanrio for all our UC500 SKUs and have added appropriate DSPs (PVDM) to each to accomodate this. The intent is to make the platfrom very simple for partners/resellers to deploy and maintain. With that said, with 8 and 16 users we have 2 DSPs available which provides a budget to support 24 channels on 8 and 16 user system using g711ulaw configuration.

How many channels were you thinking and what exactly is the application you have in mind?

szcompass Fri, 08/31/2007 - 00:27
User Badges:

Dear Mohammed,,

I have a Cisco IP Phone 7940 and set up behind a PIX 525 (ver 7.2), I can call my colleague and here the ring tone. but when we pick up the phone, both of us can't hear anything. It is fine on the same side of the firewall. Hope you can help.

jeffshen1215 Fri, 08/31/2007 - 06:09
User Badges:

Hi MR. Mohammed,

Currently we have a T1 PRI connection between Cisco callmanager 4.1 and Nortel release 4 version3221, each side installed VM (Unity and Call pilot)

we set Nortel ADAN data as IFC=S100, USER=PRI, Side=Net, RCAP=NI2 (Because we don't have Qsig packages)

and Cisco 3845GW set with S100 protocal, side=User

Cisco IP phone DN as 3XXX, Nortel DN as 6xxx

We configured CDP so that we can dial each side directly by extention number and the call ID/Name shows well between each other.

But we have 3 questiones about the VM using.

(1)we had a problem to forward VM message to each other's side

For example, 3000 dial 6000, get a No Answer reponse so he leave a message in 6000's VM box, when 6000 receive the message, he deside to forward this to his colleague 3001, failed.

(2)we try to let Cisco UNity take over all VM services for both sides.

5000 is Unity VM pilot

If we forward 3000 to 5000

Dial 3000 from 3001 then Hear "3000 is not available, please leave message..." correct!

but if we forward 6000 to 5000

Dial 6000 from 3000 or 6001 both Hear "Hello, Cisco unity system,please dial the DN number..." sounds like hit the greeting...instead of "leave message" choice.

(3)Can we achieve MWI by current software release without Qsig?


moahmed Tue, 09/04/2007 - 10:22
User Badges:
  • Cisco Employee,

Hi Jeff, my recommendation is that you use:

1) VPIM between the two VM systems so that the users can forward the messages between Call Pilot and Unity.

2) Unity offers various ways to provide VM services behind Nortel products. You can use the PBX-IP Gateway as an alternative as well. Following are few links with additional details:

Hope that helps.

haifazakr Sat, 09/01/2007 - 23:51
User Badges:


we are having ASA5540 and we need to make one server on DMZ area to comunnicate with one server on protected lan (make DMZ server able to ping LAN server) would you please help me. Here is my configuration

: Saved


ASA Version 7.0(6)




enable password xxx




interface GigabitEthernet0/0

nameif OUTSIDE

security-level 0

ip address 62.240.*.* 255.255.*.*


interface GigabitEthernet0/1


security-level 100

ip address 192.168.*.* 255.255.*.*


interface GigabitEthernet0/2

nameif DMZ

security-level 50

ip address 10.55.*.* 255.255.*.*


interface GigabitEthernet0/3


no nameif

no security-level

no ip address


interface Management0/0

nameif management

security-level 100

ip address



passwd xxx

ftp mode passive

access-list DMZ_access_in extended permit icmp any any

access-list DMZ_access_in remark PINGING

access-list DMZ_access_in extended permit ip any host 10.55.*.*

access-list INSIDELAN_access_in extended permit icmp any any

pager lines 24

logging asdm informational

mtu OUTSIDE 1500

mtu INSIDELAN 1500

mtu DMZ 1500

mtu management 1500

no failover

asdm image disk0:/asdm506.bin

no asdm history enable

arp timeout 14400

global (OUTSIDE) 1 interface

global (DMZ) 1 interface


nat (DMZ) 1

static (INSIDELAN,DMZ) 10.55.*.* 192.168.*.* netmask

access-group INSIDELAN_access_in in interface INSIDELAN

access-group DMZ_access_in in interface DMZ

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

http server enable

http management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address management

dhcpd lease 3600

dhcpd ping_timeout 50


: end

user-cisco Sun, 09/02/2007 - 02:33
User Badges:

Hi Mohamad,

i've the following questions on UC500:

1: how can i connect to internet from UC500, what is the interface and wic card used for this issue? also as i knew, 3 to 5 Cisco Unified Communications 500 Series systems can be configured to work together. so what is the interface type that will be used for both internet and site-to-site cases?

2: as i knew, SIP Trunking is supported between a Cisco Unified Communications 500 Series system and service providers though sip.

so, based on this, why is it not possible to connect to Cisco CallManager through SIP trunk, imagining that Callmanager is in place of that ISP's IP-Pbx?

3: can you guide me where can i order UC500 under Dynamic Conf Tool, I searched under IP Telephony product family, I did not find any thing related to UC500, is it under other product family?


moahmed Tue, 09/04/2007 - 10:11
User Badges:
  • Cisco Employee,

Hi, all UC500 systems have a WAN uplink (10/100 Mbps) available which can be used to provide connectivity into the broadband infrastructure (DSL modem, existing ISR or other data network set-up).

As far as site-to-site networking goes, please read a similar post on this topic (above).

SIP trunk connection is meant for SPs who offer this option. Before, we classify a certain SP is supported, we take them through a validation/testing phase to ensure that the partner and/or customer do not encounter deployment related challenges (related to configurations, etc). We have packaged, priced and positioned the UC500 as a SMB solution. If you have a Communications Manager based deployment, we recommend that you use ISR platform for these deployments.

Under DST, pls use UC520 as the product number to get to the specific UC500 series SKUs.

acharyr123 Sun, 09/02/2007 - 22:09
User Badges:

Hi Mohammad,

how will u place UC 500, Cisco 2821 Router & CME to a customer? what are the main differences b/w these 3?

moahmed Tue, 09/04/2007 - 11:28
User Badges:
  • Cisco Employee,

UC500 is designed, packaged and priced for stand-alone SMB market. It is a simplified solution with fixed configurations, packaged with "right" level of modularity and features/functionality that is desired by the SMB customer market segment. It supports plug-n-play features and is provisioned via Cisco Configuration Assistant It uses Cisco's investment in various technologies including, CME, CUE, IOS firewall, VPN, Wi-Fi, etc. Pls keep in mind that UC500 is not a router and it only supports static route and is expected to be deployed behind a broadband infrastructure (DSL modem, ISR, or existing data infrastructure).

ISR/CME solution is meant for both SMB and Enterprise branch offices and provides high level of modularity and choices for customers/partners to "customize" the deployments. ISRs in basic configuration can be used as a routing solution, or can be enhanced with various other technologies (in the field or at the order time). UC is one of the key feature/functionality offered with ISRs and allows support for CME or SRST, CUE is offered as an option or it can be deployed to support a centralized Unity or Unity Connection based VM solution, provides advanced images supporting IPS and IDS besides the firewall capabilities. Additionally, it provides support for various types for WAN interfaces via HWIC module family.

joshuamarsh Wed, 09/05/2007 - 05:23
User Badges:


I have a few more for you:

1. The phone limit on the UC520-8U-4FXO-K9 is 8. I can do this in any combination of IP or analog, but can't go over 8. However, I read in the Q&A that I can get 2 more licenses for a remote teleworker which I could alternately use for 7921s locally. Could you explain how this licensing works and what the process is to get the teleworker licenses? Is this a cost item or free? How do you limit it to only remote or wireless phones? Is there any limitation that would stop me from using it for a regular phone?

2. It sounds like there are plans (from the Q&A page) to make the UC500 upgradeable at some point. For example, you could upgrade the 8 user to a 16 user model. Could you speak to this?

3. The GUI seems to be great for getting a quick and basic config up and going. However, it is limited too. For example if you have any type of config that is going to require additional lines, etc, you have to go back to the web interface or the CLI. What are the plans for the GUI? Will this ever be a one stop shop for all configuration needs, or is the plan to only use it for the most basic configs?

4. When are the 32 & 48 user models expected to release?



moahmed Wed, 09/05/2007 - 16:00
User Badges:
  • Cisco Employee,

Hi Joshua, so a few things I must mention before I answer your specific question(s). We have made an attempt to simplify the product packaging, configurations and pricing so that the solution can be deployed without much heavy lifting in the field.

1. With that said, we have packaged 2 extra licenses with each currently shipping SKU. As you may know, there are 4 FXS ports built as part of fixed configurations and these are SCCP enabled so that if you do connect an analog phone, you can still transfer calls, have Call Waiting and other features accessible. In addition, we have added a few more licenses for CME, CUE and IP phones so that every time you add a remote teleworker or a Wi-Fi phone you do not have to download a new license (unlike some of the competitive products in the market). So with 8 and 16 user SKUs you have 2 extra licenses built into the SKU - no download required.

Essentially, we do not have any hard limits with respect to deployment scenarios and/or phone mix as long as you are following the system deployment guidelines. So you can make the entire office equipped with 7921 phones as long as 3 of these would be active at one time with the integrated AP or have the solution configured with teleworker set-up as long as you have enough bandwidth available for these remote IP Phones.

2. We do plan to offer upgrades via software licenses in the near future. Once the upgrade license is purchased, we will issue a license key which would allow the same 8 user system to support user density of 16 user SKUs

3. The Cisco Configuration Assistant 1.0 is out with our first launch of SBCS. We are actively working on adding additional features to it and we plan to introduce a new release almost every 3+ months with additional feature/functionality. So thanks for your patience and pls provide your valuable feedback to us so that we can better meet your needs.

4. The 32 and 48 user versions of UC500 and the 24 port companion CE520 are planned to be available as FCS solution by the end of this month.

I hope this helps. If so, please rate the post.


danny9797 Fri, 09/07/2007 - 07:07
User Badges:


I'm contemplating b/w CCIP and CCNP. I'll be working for an ISP so i'm gearing towards CCIP. I only have my CCNA at the moment. I heard CCNP has more 'beginner" type courses like MPLS, QOS and BGP. CCNP teaches the basics of the above while CCIP teaches more advanced material on the subject so CCIP is possibly geared towards someone who already has some experience and knowledge on the subjects.

What are your opinions on the matter? Do you recommend CCNP before CCIP? Is CCIP too difficult for a somewhat beginner in Cisco?


moahmed Fri, 09/07/2007 - 12:14
User Badges:
  • Cisco Employee,

Hi Danny, I am no expert on the certification and I would recommend that you post this on the appropriate forum.

However, based on what I do know..if you have CCNA then you should be able to go directly to CCIP (which I think is most appropriate for you - based on the role you are in).

Pls refer to the following link for additional details:


This Discussion