How Do I set up Remote Access for Avaya IPO 1

[ehecatl72]

Can someone tell me how set up remote access the AVAYA IPO 500 v9.0.2 for maintenance purposes.
Can this be done by port forwarding? what ports need to be open on the firewall? Any help is appreciated.

Technology is going to kill us all!

 

[HeathBCT]

I never bothered with setting up remote manager to access IPO directly.

What I do is remote into a local machine at the clients site and then hit the IPO over the network using manager.

ACSS - SME

 

[mkoker]

Team Viewer or any one of the screen sharing programs out there works well. You will obviously need to have the manager locally installer.

That works the best. Unless the customer is willing to let you have access to their network.

NTS Direct

 

[amriddle01]

RemoteManager is for UK/EUR mainly as we have ISDN2 so can use ISDN dial up for remote access, but those modems/TAs are getting rare, you can use another IPO for dial up too bit that's a bit awkward sometimes. You can use port forward and tie responses down with IP routes or use logmein on a customers/VM PC

 

[AACon]

You could just do what everyone is is doing, and throw some sip trunks on there opened up to the internet and don't block a thing! Remote access! yay! *dont do this*

Since logmein is no longer free, I suggest doing teamviewer, or join.me (sucks with UAC though), or AMMYY Admin (works fine, be careful) to a pc there with manager, like everyone else is saying. It's the best way really, until you can freely setup your own SSL VPN tunnels for management.

-Austin
ACE: Implement IP Office

 

[Nortel4Ever]

For dial up remote access assign an extension number to the RemoteManager user and change the password to something different from its default. Go down the menu to the RAS heading and put the same extension number in the Extension Number field of the RAS tab.
Assign an incoming call route to ring to that extension number or make it dialable in an Auto Attendant menu.
Configure your computer's dialup settings with RemoteManager as the user (case sensitive) and the password you used.

 

[tlpeter]

That is ofcourse for analog trunks.
When you have a BRI or PRI then just change the username and or password for the "RemoteManager" and use the default dial in incoming callroute.


BAZINGA!

I'm not insane, my mother had me tested!

 

[ehecatl72]

Thank you, all. It seems to me a SSL VPN would be the best option and secure way.


Technology is going to kill us all!

 

[shardian]

Avaya have dropped the price on whatever they now call what was the 3050 SSL VPN. You don't need to order it in 50 connection blocks anymore - just 10 session blocks. Its all virtualised too, so hardware required.

I used it for testing a bit about a year back and found it pretty good. You can have an 'always on' connection from your customer to your VPN (consumes a license the entire time), or just have the customer dial a shortcode on their system when you need to do any remote work for them (consumes a license whilst connected).

 

[Mullet_Rocker]

Or, you could do port forwarding.....I believe the port is 50804 for Manager.

 

[tlpeter]

If you want to het hacked then yes that is an option.

BAZINGA!

I'm not insane, my mother had me tested!

 

[IPGuru]

DO NOT Port forward to an IPO Office (the only times this is necessary is if you are using remote extns or one x mobility & then you should exercise extreme caution).

Amriddle you cant protect the IPO with its IP routing table because once the port has been forwarded it gets NATed to an internal address (I was caught by this one recently)
if you cannot make a data call Via ISDN then the only sensible solution is a VPN.



A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear

 

[amriddle01]

I have used IP routes as security on a port forwarded system a few times, using any IP other than ours gets no response at all, must have been a setting/feature on the router you used I guess

 

[IPGuru]

Interesting
I had Diagnosed that as the incoming data was passing though NAT it was seen as being a local Lan address.
Now I just will not trust any form of prot forwarding to the IPO Admin interface as just too risky.

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear