09-13-2017 03:31 PM - edited 03-17-2019 11:10 AM
Hi there
I´m not really sure if I need CUBE configuration, we are going to connect via sip trunk to another site (another voice network), I already know their ip address where I set up in the sip trunk, as you might know we are going the use the TCP port 5060 which is the default.
As you might know signiling and RTP´s do not pass throught the same sip trunk, and as long as I know they travel separately. (correct me if I´m wrong)
So, the security team have told me that they cannot open ports for the RTP´s, so my voice team thought to configure CUBE for the RTP´s. So my question is, if we are correct or if there´s another solution? Let me know if you guys have questions. thanks.
09-13-2017 06:55 PM - edited 09-13-2017 06:56 PM
May I ask how the two sites are getting connected? In terms of the layer 1 of the OSI Model.
09-14-2017 07:03 AM
Well
In terms of layer 1, let me doble check that, why would you like to know about conectiviy for layer 1?
This is how we are planing to connect.
- the other site will be able to connect from their public IP address to us T1 Prod public IP X.X.X.X over TCP port 5060.
- that ip address translates to our cucm
- For outbound connectivity we will create the SIP trunk to communicate to the other site over TCP port 5060.
- These outbound connections go to the Internet via Shared Services.
- When these connections go out, they will be translated to one of 4 ip address that will have.
So basically I will only need to create the SIP trunk, but I know will only pass the signaling and I´m concern about the RTP´s. thanks.
09-13-2017 06:59 PM
09-14-2017 07:04 AM
I wish but, but let me explain you, how is going to be:
- the other site will be able to connect from their public IP address to us T1 Prod public IP X.X.X.X over TCP port 5060.
- that ip address translates to our cucm
- For outbound connectivity we will create the SIP trunk to communicate to the other site over TCP port 5060.
- These outbound connections go to the Internet via Shared Services.
- When these connections go out, they will be translated to one of 4 ip address that will have.
09-14-2017 09:09 AM
Hi Israel,
I would not expose the CUCM to the Internet.
The CUBE is the best solution even because you would expose its public interface only (behind a firewall opening signaling and rtp ports) .
You could apply security restriction on the CUBE by allowing connetions by remote public and local internal IPs only.
HTH
Regards
Carlo
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: