I searched the discussions and docs but didn't find exactly what I was looking for. I am looking at documents/best practices for setting up remote offices/teleworkers over a VPN that will NOT terminate on the UC520. The VPN will be from a 5505 to a 5505 or a 871.
I would like to have a phone at the client site and a PC that accesses everything over the tunnel to the head office (where the UC520 lives)
On top of this I would also like the option for the Softphone client, and video on a PC that will VPN (IPSEC and SSL) into the 5505 and access the UC520 as well.
To add more fun to the mix I would like both types of clients to be able to use the Presence server (Call Connector for windows) as well.
I know these are multiple solutions but hey it never hurts to ask... ;)
I guess I should have said branch; we prefer the 5505 over the 871 for branch deployments.
If you are saying the 5505 will not work at the branch then I guess I have to try out the 871. Can I not just build an IPSEC tunnel s2s between the 5505 and 5510 and have this work for what I am trying to do? I would prefer not to use EZVPN, but if I have to I have to.
Currently I am testing the 5505, but obviously I am missing something and I assume it's an option in DHCP to have the phone to go the US520, do you know what option it is in DHCP to tell the phone where to get it's configs?
Anyway, if you could provide me answers to the above questions as well as why the 871 using EZVPN is the preferred method I would appreciate it,
I didnt say it wouldnt work. Just limited support. The preferred supported remote teleworker is the SR520. It supports up to 4 phones withour a switch but requires power bricks (no PoE like the 871W, where you can buy that power injector for the 4 switch ports).
But this is not a branch as you say, more a remote teleworker solution...
I searched around a little on this community and found some links for you to check out:
I got the VPN tunnel over the 5505 working and the phones now register and complete. The problem I had was I did not define the 10.1.10.0/24 address to be allowed over the tunnel. Even though I thought this was just for voicemail, I needed it and the tftp update to the phone worked after this was put in.
My next step is to test the softphone, video and the call connector over this vpn.
Just for reference this is a pure IPSEC tunnel configured by CLI and not using EZVPN (this is the configuration I prefer) and not terminating on the UC520.
Another note is CCA does not support the 5505 but can see and setup the phones at the end of the tunnel. Also I don't think MOH (multicast) is supported over the tunnel (I have yet to see if I can get this going)
Configure Multicast Paging on the Cisco IP Phone 7800 Series or 8800 Series Multiplatform Phone
The Cisco IP Phone 7800 and 8800 Series Multiplatform Phones provide voice communication over an Internet Protocol (IP) network...
Add Call Park on a Cisco 7800 or 8800 Series Multiplatform Phone Key Expansion Module
Call park allows the user of the phone to put an incoming call on hold so that the call can be retrieved on another phone. A call is park...