Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Teleworker phones without MBG/TW server

Status
Not open for further replies.

AH64Armament

Vendor
Sep 5, 2008
290
US
We have a site that is requesting to do a remote phone for a user without the aid of an MBG/Teleworker server nor the use of a static site-to-site VPN.
This would be on a 3300/MCD running MCD 6.x.

I've advised that this is a horrible idea and they should never do such a thing. I've seen where another site tried to do it with SIP only - it worked, but then hackers attempted to hit it and had so many attempts that it shut the system down from operation.

Mitel had this available for the 5000, but reeled it back in when folks were being hacked.

Just an FYI, I'm not doing this. I've messaged the guy trying to do this and suggested either to get a firewall with site to site VPN capabilities or to turn up a softphone and have the user VPN in.
 
Making something fool-proof is impossible. Fools are just too inventive.

I suppose you're entitled to your opinion, I'm just not going to suppose very hard.
 
Personally I would always try and go down the road of an MBG, failing that a VPN would be the last option.

In the last 16 years of working on the Mitel system and its Teleworker release I have had plenty of clients that have tried other means - but have always stated that it would need them to open ports on their firewall and it would be at their risk, as well as that it would not be supported by us (the Mitel Partner) and also Mitel.
 
I did many multi-sites deployments in the past. Always with MBG, site-to-site VPN or extended LAN on fiber network. I would never advise doing a remote site Mitel deployment straight through the internet.
With the price of good VPN enabled routers under 100$ nowadays, money isn't an excuse.
 
If the customer insists on connecting with out VPN or MBG be sure you CYA to eliminate any responsibility for troubles.

I suppose you're entitled to your opinion, I'm just not going to suppose very hard.
 
i Agree
anything other than MBg is a wast of time

If I never did anything I'd never done before , I'd never do anything.....

 
Another Vote for MBG or VPN.

Going without creates security issues that are not worth it.

 
We sent my recommendation to the customer. I haven't heard yet what they want to do with it. The list of ports from the Mitel 5000 docs were sent along with the 3 other options I recommended.

I sent it to my boss like this... and he simply forwarded it to the customer contact.

my recommendations in order
1 - MBG
2 - site to site VPN
3 - User VPN with SIP softphone on their PC.
4 - External Hot Desk
5 + Anything else
Hell has froze over - maybe consider using port forwarding.... MAYBE... even then it's a stupid idea.
 
One suggestion that works with well trained IT is to use the phrase Mitel Border Gateway instead of MBG.
You can also point it out that it is based on the Border Gateway Protocol.
The Mitel portion of it is the configuration being specific for Mitel device requirements.

The configuration of supported device types and features like IP Console or ACD agents translate to routing configuration of the Border Gateway in MBG.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top