I need to connect a CUCM cluster to a SIP provider. This provider will be providing a Cisco CUBE device as the demaraction point. They claim they need it to be on customer premises to be able to warrant services offered. That makes sense, but my security officer insists on using a security device between our network and the provider's network. That makes sense, too.
Have you come across this issue and if so, how did you solve it?
I was thinking about using 2 CUBEs in a serial setup (one managed by us and one managed by the provider).
Could you get away with putting a firewall (ethernet) between their CUBE and your network? On the CUBE end, they should only need the ports and protocols necessary to pass SIP and RTP traffic. Most decent commercial-grade firewalls should be able to handle that without too much fuss.
Are they providiner the connectivity between their CUBE and the PSTN/IPPSTN as well, or is that something you're providing at your site (like through another vendor)? In that case, you may want a firewall on both sides of the device (where the internal one prevents things like telnet from their CUBE to your network).
Of course, another solution would be to VLAN their equipment so that it can only talk to the devices that it should, but that wouldn't cover anything but pure connectivity (they could still telnet from device to device).
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...