sundance-communications.com/forum Forums TDM Business Telephone Systems Avaya - Lucent Telephones & Systems IP office and remote IP phone

I have a new ip office we are installing, the user Wants a 9608 phone at his home. We have set up many ip phones, but usually on the same network. DO I need to set up a VPN or is there a simple way?

Open up the specific ports on the firewall, and whitelist ONLY the user's home IP to get access through the firewall. The extension is a "remote worker", you can have up to 4 without any additional licensing.

Or, program the firewall with an IPSec Group VPN, program the 9608 with matching parameters. Now you can have as many as the firewall will allow.

In both cases, be sure the remote subnet is different from the IP Office's local subnet, and you have a default route to the firewall, or add explicit routes as needed

Thanks Tommy - but which end needs the white list? the router at the office? Think they just have a residential router, D-link or linksys at the office same thing at the home.

https://documentation.avaya.com/bun...erR11.0/page/Remote_HTTP_Extensions.html

At the office, you need a Static Public IP Address, the Internet modem should be set in Bridge mode, and they need a real firewall.
In the firewall, you allow connections on ports 1719, 1720, and 46750 through 50750 (but verify the RTP range on the VoIP tab of the IPO's LAN port)
The firewall must BLOCK connections on those ports from any other source, or you WILL be hacked

At this point, you might as well program an IPSec VPN on the firewall, program the built in IPSec VPN in the 9608 phone, and now the phone can connect from anywhere, even if the home's public ip changes, or you eventually need more remote phones.

Just got back from the site, bad news, they have a cisco router, not a residential one.

So have their IT Vendor add the programming for a remote phone or the IPSec VPN