Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Serial CUBE setup


I need to connect a CUCM cluster to a SIP provider. This provider will be providing a Cisco CUBE device as the demaraction point. They claim they need it to be on customer premises to be able to warrant services offered. That makes sense, but my security officer insists on using a security device between our network and the provider's network. That makes sense, too.

Have you come across this issue and if so, how did you solve it?

I was thinking about using 2 CUBEs in a serial setup (one managed by us and one managed by the provider).

Very interested in your $0.02!



Serial CUBE setup

Could you get away with putting a firewall (ethernet) between their CUBE and your network?  On the CUBE end, they should only need the ports and protocols necessary to pass SIP and RTP traffic.  Most decent commercial-grade firewalls should be able to handle that without too much fuss.

Are they providiner the connectivity between their CUBE and the PSTN/IPPSTN as well, or is that something you're providing at your site (like through another vendor)?  In that case, you may want a firewall on both sides of the device (where the internal one prevents things like telnet from their CUBE to your network).

Of course, another solution would be to VLAN their equipment so that it can only talk to the devices that it should, but that wouldn't cover anything but pure connectivity (they could still telnet from device to device).