Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Worker Options

Status
Not open for further replies.

ICURNVS

IS-IT--Management
Apr 8, 2022
5
US
Hello! I've been assigned the task of finding a solution for a single remote user to access our phone system. We currently have an IPO500 v2 11.1 with j179 handsets. we would like to be able to send the remote user a j179 handset to be able to connect to his home network and be able to reach the remote user through extensions and have him be able to make outbound phone calls through our IPO500.

I've read a TON of threads in this forum and everything says the proper way is to set up an SBC for this task. This seems overkill for being able to add a single remote worker to our system. Is it possible to accomplish this task without the added expense and configuration of using an SBC? I'd prefer to stay away from site-to-site VPNs since I won't be able to manage the remote user's router.

Let me know what you think!

ICURNVS


 
There is a way but it won't really be recommended here as the official way of doing it. But you set it up on local network at the corp office and register the extn first, then you static in the SIP server info from the admin menu on the phone (public facing IP of corp firewall), then on the corp firewall you setup rules to only allow remote home network's public facing IP through on the proper ports to the IPO and then deploy your phone remotely. Basically you lock it down as tight as you can with your firewall and don't leave it wide open for sip requests, since this is a single home worker in their house that should be pretty easy to do, hopefully their home public facing wan IP doesn't change from their internet provider.

Or

You you give them the Avaya IX workplace app for windows on their laptop and they VPN into your network from their computer and then fire up the avaya phone app. Secure and less hassle. (Assuming you have a power user license).
 
Thank you for the reply qtelcom! That would have been my plan but the remote user has a dynamic IP address from the ISP so filtering traffic by IP won't be possible. Is their a way to tell the IPO that it is only allowed to connect to the phones that I have manually configured and authorized and to reject connections to anything else?

My IPO 11.0 has Essential edition and a handful of IP Endpoint licenses. No Power User licenses.

I'm a Network Admin so my skill set is routers/switches/computers but phone systems, VoIP, and SIP are a little new to me.
thanks again!
ICURNVS
 
@derfloh Thanks for the reply! It is VERY unlikely others will be allowed to work remotely as the boss is very anti-remote work. he likes to be able to walk in to your office and see you LOL. This employee basically said he will need to quit if working remote would not be possible.

What's more frustrating is this employee will be working remotely for less than a year. The time and expense of integrating an SBC into the network for a short time frame just seems over-complicating what should be a fairly simple idea.

 
That might have to be the option we go with. In my opinion, the user experience of using a HardPhone is preferred by most as that is what people are used to. Using a softphone, although technically the same features, takes some getting used to for some people.

It's a shame that internet connected VoIP systems aren't natively supported for remote phones without the use of complicated configurations. Seems simple enough to integrate a system where a unique identifier assigned to every hardphone can be used to allow or disallow connections.

Hopefully the increased popularity of remote work driven by covid will open the development of a simpler remote IP phone system.

ICURNVS
 
I agree with the shift in the world you would expect them to make working remotely easier... but Im sure they would just say "go hosted". Sadly that is where Avaya is at this time.

The truth is just an excuse for lack of imagination.
 
Do you have a firewall that would allow an IPSec VPN? Pick up a used 9608 ot put the j phone in h.323 mode and program the VPN.
 
@TouchToneTommy

I thought the J100s had to be SIP to work with IP Office?
 
ICURVNS said:
It's a shame that internet connected VoIP systems aren't natively supported for remote phones without the use of complicated configurations. Seems simple enough to integrate a system where a unique identifier assigned to every hardphone can be used to allow or disallow connections.

technically you could try relying on the extn passwords (every Extn + ALL system user accounts would need complex passwords) but experience has shown that your PBX will get hacked in a very short time especially as the password requirement tends to get overlooked, set to something easy to remember & enter or forgotten completely when new users are added. DONT DO IT!

Do things on the cheap & it will cost you dear

ACSS
 
WOW! thank you all for the helpful responses!

Although tempting, its just not worth the risk of internet connecting the ip500. so, we are probably going to look for other solutions as the time and expense of configuring an SBC for a temporary situation is not justifiable.

I'll look into the suggestion of mobile twinning to see if that is an option. Does mobile twinning require the use of two phone lines whenever the mobile employee is receiving a phone call on his cell phone? one for the inbound call and one for the outbound call to the employees cell phone?
 
You can't do mobile twinning if you have analog lines. If you have PRI or SIP then yes you will use one channel for inbound and one channel back out to the twinned device.

The truth is just an excuse for lack of imagination.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top