Multisite deployment with CCA?

Unanswered Question
Jun 8th, 2009
User Badges:

We have had a UC500 up and configured at our main site for a few months now.  Everything seems to be running well, and we decided to extend the system out to some of our smaller satellite offices.  We have a few SR520's and 7961 handsets to deploy to these sites.

If we set up a VPN server on the UC500 using the EZVPN server through CCA 2.0, and then set up the SR520 VPN Remote settings through CCA 2.0, we can get a tunnel activated between the two sites, and the phones will register back to the UC500.  But something strange is happening whereby the the phones are staying connected, and inbound and outbound calling works both from the main site and the remote site, but internet utility is lost (our browsers cannot reach outside addresses nor will our mail clients).  There is obviously still internet connectivity, as all of our calling on the system is over SIP trunks (and the phones are still working fine).  This problem persists for any computer connected to the main site through the VPN tunnel.    I am a bit stumped.

Is there something simple that I am missing?  I know there are a number of applicable documents for remote teleworker set up, but all the documents I've found are a.) for the UC500 to 871 series routers, and b.) for configuration by CLI.  Is there a guide for doing a multisite deployment like this through CCA (and with UC500 to SR520)?

Thank you for your time.


James Magerman

Alliance for Inclusion and Prevention

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Steven DiStefano Mon, 06/08/2009 - 07:08
User Badges:
  • Blue, 1500 points or more

Did you try enabling Split Tunneling so the remote sites only access the host for calls and specific data VLAN in that office.

This would be done on the VPN Server side on the UC520.

aipcommunications Wed, 06/17/2009 - 08:54
User Badges:

I set up split tunneling, allowing access just to the data and voice vlans at the main site, and this worked for a short while.  But then our CUE module went on the fritz after the VPN tunnel was up for a short while again (though it seems to have been working at first).  We are currently waiting on a replacement unit.

In the meantime, when we set up the EZVPN server on the UC500, and then the corresponding EZVPN server on the SR520, the tunnel oocasionally drops, and must be re-initiated through a browser interface (Though the UC500 still occasionally shows these tunnels as still active).  Is there any way to make the VPN connection from the SR520 auto-initiate so that attempts to be in an alway-on state?

Thank you for your suggestion.  I will try again once the replacement arrives.


This Discussion

Related Content