Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Voice Networking using Static IP

Status
Not open for further replies.

DeepMike

Technical User
Oct 5, 2010
57
AE
Can we connect IPO 500 systems without having any VPN devices? The customer has static IP address at one site and they want to connect a remote IPO 500 to the main site but do not want to deploy any VNP devices or SBC.
 
Get ready for a really big phone bill. An IPO direct to the internet will be a prime target for hacking. A VPN between sites will save them money in the long term.

Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
 
You can do it with avoiding any hacking by locking down the PBX to respond only to the IP addresses you permit.

Here is how to do it:

Under IP ROUTE - where you program the gateway, you have 3 fields.
The first field IP ADDRESS - is normally 0.0.0.0 - you should lock it down to the ip address at the remote site i.e. 58.54.65.5
The second field is IP MASK - you can put either 255.255.255.252 or better yet 255.255.255.255
The last field is your local public IP address of the GATEWAY IP ADDRESS of the location where the phone system is.

 
Note that the programming above with cause the phone system to not respond to any packets sent. A real sophisticated hacker of a extremely high level (I am not sure that exists) will be able to send packets to the phone system with no need for response. I doubt the hacker can do anything anyway since in addition to sending these packets without a reply, the hacker will need the username and password.

A WORD OF ADDED CAUTION: Make sure to log into security and change all the default username and passwords and disable the users you don't need.

 
@ctvi You underestimate hackers. VPN appliances are cheap and effective.

Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
 
Butbyrd. I stand by my suggestion. You can basically lock down the IP Office that it only responds to IPs that you permit without a firewall or anything since it will not respond. Of course, you need to remove the 0.0.0.0 and only have IP addresses you permit.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top