1. You can setup the IPSEC VPN and use the Cisco VPN client to connect to the UC540. CCA can then be used... but be sure not to make changes to the WAN or VPN while connected that way.
2. You should definitely have the firewall enabled. Not having it on opens you to brute force password attacks, toll fraud, and other issues.
3. Your access-lists probably need to be adjusted to accomodate your SIP provider. Could you provide your WAN access-list and the IP of your SIP provider? (A copy of your running config with passwords stripped would work fine too)
Configure Multicast Paging on the Cisco IP Phone 7800 Series or 8800 Series Multiplatform Phone
The Cisco IP Phone 7800 and 8800 Series Multiplatform Phones provide voice communication over an Internet Protocol (IP) network...
Add Call Park on a Cisco 7800 or 8800 Series Multiplatform Phone Key Expansion Module
Call park allows the user of the phone to put an incoming call on hold so that the call can be retrieved on another phone. A call is park...