Redian新闻
>
How to connect a 7900 to remote call manager ?
avatar
How to connect a 7900 to remote call manager ?# EmergingNetworking - 热门网络技术
l*u
1
and make it cheap.
eg, work from home worker wants to connect
the 7900 physical phone to the company's
call manager 4.0 via VPN.
the VPN protocol of the company is PPTP.
What router should be working in this case?
something like CM elite, or the router from csco
asking for thousands $ jiu suan leh...too expensive
thanks for big shrimps, high hands help!!
avatar
z*r
2
其实买一个linksys WRT54G v4 or below的,就可以了,装了第三方firmware,pptp/
ipsec还有qos都有了。价钱俺的花了20,没有deal的时候,50左右?厚厚,当然稳定性还
有速度是不能跟business class的东西比勒。
哦,对了,俺的还装了openvpn在上面,可以搞ssl vpn,厚厚。linux就是好呀就是好
avatar
l*u
3
duo xie ge wei !
i am going to buy the router to try try.
hope i can somehow make it work. :)
avatar
z*r
4
keep in mind, make sure it can support QoS for your voip traffic, otherwise,
your voice quality will probably suffer when having heavy load on the link.
Also keep in mind, anti-spam/virus features don't come free, most likely,
you are going to have to pay annual fee for upgrading the virus/spam datebase.
Over all, that one looks really nice besides these 2 I mentioned. basically,
it's a firewall, and focused on security, instead of forwarding traffic.

【在 l****u 的大作中提到】
: duo xie ge wei !
: i am going to buy the router to try try.
: hope i can somehow make it work. :)

avatar
l*y
5
i don't see what's the benifit of supporting qos. you're traversing the
internet...

datebase.

【在 z**r 的大作中提到】
: keep in mind, make sure it can support QoS for your voip traffic, otherwise,
: your voice quality will probably suffer when having heavy load on the link.
: Also keep in mind, anti-spam/virus features don't come free, most likely,
: you are going to have to pay annual fee for upgrading the virus/spam datebase.
: Over all, that one looks really nice besides these 2 I mentioned. basically,
: it's a firewall, and focused on security, instead of forwarding traffic.

avatar
c*a
6
the good thing of 5gt is that it uses same code base as large box, same UI
1. surely it supports QoS/Traffic Shaping
2. supports multicast routing protocol (PIM), haven't checked ospf/rip, may
require advanced license
3. supports URL Filtering/AntiVirus
4. It does support IPSec/L2TP (not sure about pptp, maybe a bad choice for OP)
5. Deep packet inspection (supports SIP NAT, no need for UPnP)
6. Route based or policy based NATting
7. many others

just
fortinet
why

【在 z**r 的大作中提到】
: keep in mind, make sure it can support QoS for your voip traffic, otherwise,
: your voice quality will probably suffer when having heavy load on the link.
: Also keep in mind, anti-spam/virus features don't come free, most likely,
: you are going to have to pay annual fee for upgrading the virus/spam datebase.
: Over all, that one looks really nice besides these 2 I mentioned. basically,
: it's a firewall, and focused on security, instead of forwarding traffic.

avatar
z*r
7
one-time-password is not a neccesary for ppp authentication, only required
when his compnay requires. Even he needs one-time-password, he always can
generate it on the secured and approved laptop from company IT, then use that
password for PPTP initiation on the router.
Guess what, I don't think his company really cares about much about security,
since they are even using PPTP, hehe, so I am pretty sure they don't use one-
time-password at all.
But I definately agree that to put home network on
avatar
c*a
8
that's true, I would be very cautious in recommending people running
advanced routing protocols on those boxes. If same routing
protocol code from JunOS will be ported on to firewall, that would be nice
actually, shaping is nice feature, and it can be used for shaping a specific
flow, (such as only 500kbps for any ftp traffic from kids' PC) and assign
a special queue for voice traffic, no matter where it is from

shaping
no1

【在 z**r 的大作中提到】
: one-time-password is not a neccesary for ppp authentication, only required
: when his compnay requires. Even he needs one-time-password, he always can
: generate it on the secured and approved laptop from company IT, then use that
: password for PPTP initiation on the router.
: Guess what, I don't think his company really cares about much about security,
: since they are even using PPTP, hehe, so I am pretty sure they don't use one-
: time-password at all.
: But I definately agree that to put home network on

avatar
z*r
9
ok, this seemd a simple question, but when I double checked those cheap
business
class routers like Cisco 8xx, I found they don't support pptp, though they
support ipsec, l2tp, gre. I guess it's because pptp is just out of date?
however, when I checked out linksys router with the 3rd party firmware, like
ddwrt or openwrt, I found, both pptp client and server are supported.
Now the expense changes to 30 from 300

computers
avatar
o*v
10
good to see jnpr highhand here. haha.

【在 c*a 的大作中提到】
: that's true, I would be very cautious in recommending people running
: advanced routing protocols on those boxes. If same routing
: protocol code from JunOS will be ported on to firewall, that would be nice
: actually, shaping is nice feature, and it can be used for shaping a specific
: flow, (such as only 500kbps for any ftp traffic from kids' PC) and assign
: a special queue for voice traffic, no matter where it is from
:
: shaping
: no1

avatar
z*r
11
yeah, this is mentioned in the dhcp stadards, right?

【在 l***y 的大作中提到】
: i don't see what's the benifit of supporting qos. you're traversing the
: internet...
:
: datebase.

avatar
b*e
12
While you guys are enjoying discussing QoS, did anybody figure out the way to
solve LZ's problem yet?

concern
delay

【在 z**r 的大作中提到】
: yeah, this is mentioned in the dhcp stadards, right?
avatar
z*r
13
as for the current internet backbone in US, the delay brought in by the
backbone should be less 50ms, yes, as long as the one way latency for the voip
is less than 150ms, it should be fine. However, in lots of cases, the other
network components bring too much latency, say the media gateway, session
boarder controller, etc. 2 way 300ms latency is the minimum requirement anyway
. we are on the same page at this point.
I thought the video packets are all small UDP packets, and since normally
there

【在 l***y 的大作中提到】
: i don't see what's the benifit of supporting qos. you're traversing the
: internet...
:
: datebase.

avatar
l*u
14
Ya, i got a 7912 series .
it has tftp getter/dhcp config. never know it has a TUI
interface. a simple GUI is with the phone LCD.

【在 l***y 的大作中提到】
: i don't see what's the benifit of supporting qos. you're traversing the
: internet...
:
: datebase.

avatar
b*e
15
No, find a cheap router that can work as PPTP client, and have home computers
always on VPN.

【在 z**r 的大作中提到】
: as for the current internet backbone in US, the delay brought in by the
: backbone should be less 50ms, yes, as long as the one way latency for the voip
: is less than 150ms, it should be fine. However, in lots of cases, the other
: network components bring too much latency, say the media gateway, session
: boarder controller, etc. 2 way 300ms latency is the minimum requirement anyway
: . we are on the same page at this point.
: I thought the video packets are all small UDP packets, and since normally
: there

avatar
z*r
16
it should support ospf/rip, since it can even support bgp from the product
introduction, but who'd like to use it anyway, hehe
Shaping might not be the good choice for VoIP traffic, because traffic shaping
solves the jitter issue very well, but for voip traffic, the delay is the no1
concern. but I guess it may have other choices like priority queueing?
it's really like the low end box from Fortinet as for the features

OP)

【在 c*a 的大作中提到】
: the good thing of 5gt is that it uses same code base as large box, same UI
: 1. surely it supports QoS/Traffic Shaping
: 2. supports multicast routing protocol (PIM), haven't checked ospf/rip, may
: require advanced license
: 3. supports URL Filtering/AntiVirus
: 4. It does support IPSec/L2TP (not sure about pptp, maybe a bad choice for OP)
: 5. Deep packet inspection (supports SIP NAT, no need for UPnP)
: 6. Route based or policy based NATting
: 7. many others
:

avatar
z*r
17

right, this is what the shaping is for. my point is, shaping uses a lot of
buffer to shape the traffic, so normally, shaping would bring more latency for
the traffic, but elimate the jitter, as for how long? it depends on the
buffer size and the processing speed.
This feature is nice for normal traffic, even video, because for normal
traffic, the delay is not the No1 concern, similar to this, the video traffic
is very sensitive for jitter, not the delay.
That's why I said, if it has priority qu

【在 c*a 的大作中提到】
: that's true, I would be very cautious in recommending people running
: advanced routing protocols on those boxes. If same routing
: protocol code from JunOS will be ported on to firewall, that would be nice
: actually, shaping is nice feature, and it can be used for shaping a specific
: flow, (such as only 500kbps for any ftp traffic from kids' PC) and assign
: a special queue for voice traffic, no matter where it is from
:
: shaping
: no1

avatar
b*e
18
While you guys are enjoying discussing QoS, did anybody figure out the way to
solve LZ's problem yet?

concern
delay

【在 z**r 的大作中提到】
:
: right, this is what the shaping is for. my point is, shaping uses a lot of
: buffer to shape the traffic, so normally, shaping would bring more latency for
: the traffic, but elimate the jitter, as for how long? it depends on the
: buffer size and the processing speed.
: This feature is nice for normal traffic, even video, because for normal
: traffic, the delay is not the No1 concern, similar to this, the video traffic
: is very sensitive for jitter, not the delay.
: That's why I said, if it has priority qu

avatar
z*r
19
hehe, whenever you have a chance, you may want to give priority queueing a try
. It really works on both Cisco and Juniper boxes, tho the performance may be
different, coz the implementation could be based on software only, microcode,
or hardware asic. Especially in the situation of congestion, you would see the
huge difference between any other QoS ensured traffic and priority queue
traffic.
Personally, I believe Netscreen is the best firewall product line, but Cisco
FWSM is really flexible, pu

【在 c*a 的大作中提到】
: that's true, I would be very cautious in recommending people running
: advanced routing protocols on those boxes. If same routing
: protocol code from JunOS will be ported on to firewall, that would be nice
: actually, shaping is nice feature, and it can be used for shaping a specific
: flow, (such as only 500kbps for any ftp traffic from kids' PC) and assign
: a special queue for voice traffic, no matter where it is from
:
: shaping
: no1

avatar
c*a
20
I see your point. but wouldn't expect those feature (even if it claims,
wouldn't actually trust those) on low end platform. The true hardware
assisted packet forwarding firewalls has to be at least ns500 or above
I'm sure PIX/FWSM and Nokia/Checkpoint may somewhat claim to have those
QoS function in these firewalls. I like the way FWSM manages resource(CPU/MEM)
on each instance, it has had the feature since a couple years ago
not sure how, but it would nice to integrate peribit (another acquisit

【在 z**r 的大作中提到】
: hehe, whenever you have a chance, you may want to give priority queueing a try
: . It really works on both Cisco and Juniper boxes, tho the performance may be
: different, coz the implementation could be based on software only, microcode,
: or hardware asic. Especially in the situation of congestion, you would see the
: huge difference between any other QoS ensured traffic and priority queue
: traffic.
: Personally, I believe Netscreen is the best firewall product line, but Cisco
: FWSM is really flexible, pu

avatar
z*r
21
didn't see you said "low end" hehe

try
be
,
the
idea,

【在 z**r 的大作中提到】
: hehe, whenever you have a chance, you may want to give priority queueing a try
: . It really works on both Cisco and Juniper boxes, tho the performance may be
: different, coz the implementation could be based on software only, microcode,
: or hardware asic. Especially in the situation of congestion, you would see the
: huge difference between any other QoS ensured traffic and priority queue
: traffic.
: Personally, I believe Netscreen is the best firewall product line, but Cisco
: FWSM is really flexible, pu

avatar
c*a
22
who's LZ? the OP?
I know for sure that Cisco HW VPN Client 3002 worked for IPSec Tunnel, and
one of my customers used 7960 at home via tunnel b/w 3002 and 3030
concentrator
If it has to be pptp, not sure if any lowend 800 (as zher suggested already)
will work, it may supports SRST, but may be more expensive
Is OP looking for a solution (which will require backend change) or just
a workaround for yourself. Believe the DHCP relay should be supported on
pptp gateway, unless you have another way to

【在 b******e 的大作中提到】
: While you guys are enjoying discussing QoS, did anybody figure out the way to
: solve LZ's problem yet?
:
: concern
: delay

avatar
z*r
23
ft, he meant to use the soho router to terminate the pptp tunnel, instead of
the termination on the laptop

a
DHCP
phone
tunneled,
,

【在 b******e 的大作中提到】
: While you guys are enjoying discussing QoS, did anybody figure out the way to
: solve LZ's problem yet?
:
: concern
: delay

avatar
c*a
24
the good thing of 5gt is that it uses same code base as large box, same UI
1. surely it supports QoS/Traffic Shaping
2. supports multicast routing protocol (PIM), haven't checked ospf/rip, may
require advanced license
3. supports URL Filtering/AntiVirus
4. It does support IPSec/L2TP (not sure about pptp, maybe a bad choice for OP)
5. Deep packet inspection (supports SIP NAT, no need for UPnP)
6. Route based or policy based NATting
7. many others

just
fortinet
why

【在 z**r 的大作中提到】
: ft, he meant to use the soho router to terminate the pptp tunnel, instead of
: the termination on the laptop
:
: a
: DHCP
: phone
: tunneled,
: ,

avatar
z*r
25
that's why I said when having heavy load on the link, actually especially for
the upstream, the normal broadband server has only about 384kbps upstream,
which is so easy to get congested if you use BT or whatever service.
In this situation, Internet would not be the bottleneck, and QoS is a nice
feature.

【在 l***y 的大作中提到】
: i don't see what's the benifit of supporting qos. you're traversing the
: internet...
:
: datebase.

avatar
z*r
26
I say latency is the No1 concern, doesn't mean the latency is the only concern
. hehe
comparing to video traffic, voice traffic needs much less buffers, and also
ppl don't want to put too much into the buffer because thus causes huge delay
easily, on the Push To Talk service, I used to see 5 seconds delay by the
buffer. And for human beings character, delay is much more sensitive than
jitter for VoIP
traffic.
For video traffic, if it's not interactive video game, which is so new and I
have not s

【在 l***y 的大作中提到】
: i don't see what's the benifit of supporting qos. you're traversing the
: internet...
:
: datebase.

avatar
l*y
27
jitter is a problem too. the endpoint buffs will suffer because of jitter.
delay can cause echo problems, among other things. a 200ms delay is okay tho

shaping
no1

【在 z**r 的大作中提到】
: it should support ospf/rip, since it can even support bgp from the product
: introduction, but who'd like to use it anyway, hehe
: Shaping might not be the good choice for VoIP traffic, because traffic shaping
: solves the jitter issue very well, but for voip traffic, the delay is the no1
: concern. but I guess it may have other choices like priority queueing?
: it's really like the low end box from Fortinet as for the features
:
: OP)

avatar
l*y
28
hmm, i was thinking, unless you run BT all the time! :D

for

【在 z**r 的大作中提到】
: that's why I said when having heavy load on the link, actually especially for
: the upstream, the normal broadband server has only about 384kbps upstream,
: which is so easy to get congested if you use BT or whatever service.
: In this situation, Internet would not be the bottleneck, and QoS is a nice
: feature.

avatar
z*r
29
what's the problem? the broadcast dscp request? a helper address should work
for it, right?

to

【在 b******e 的大作中提到】
: While you guys are enjoying discussing QoS, did anybody figure out the way to
: solve LZ's problem yet?
:
: concern
: delay

avatar
z*r
30
hehe, so what do you do? I know something like click to talk, but I am not
supprised at all.

【在 l***y 的大作中提到】
: hmm, i was thinking, unless you run BT all the time! :D
:
: for

avatar
b*e
31
No, find a cheap router that can work as PPTP client, and have home computers
always on VPN.

【在 z**r 的大作中提到】
: what's the problem? the broadcast dscp request? a helper address should work
: for it, right?
:
: to

avatar
c*a
32
that's true, I would be very cautious in recommending people running
advanced routing protocols on those boxes. If same routing
protocol code from JunOS will be ported on to firewall, that would be nice
actually, shaping is nice feature, and it can be used for shaping a specific
flow, (such as only 500kbps for any ftp traffic from kids' PC) and assign
a special queue for voice traffic, no matter where it is from

shaping
no1

【在 z**r 的大作中提到】
: it should support ospf/rip, since it can even support bgp from the product
: introduction, but who'd like to use it anyway, hehe
: Shaping might not be the good choice for VoIP traffic, because traffic shaping
: solves the jitter issue very well, but for voip traffic, the delay is the no1
: concern. but I guess it may have other choices like priority queueing?
: it's really like the low end box from Fortinet as for the features
:
: OP)

avatar
c*a
33
I see your point. but wouldn't expect those feature (even if it claims,
wouldn't actually trust those) on low end platform. The true hardware
assisted packet forwarding firewalls has to be at least ns500 or above
I'm sure PIX/FWSM and Nokia/Checkpoint may somewhat claim to have those
QoS function in these firewalls. I like the way FWSM manages resource(CPU/MEM)
on each instance, it has had the feature since a couple years ago
not sure how, but it would nice to integrate peribit (another acquisit

【在 z**r 的大作中提到】
: hehe, so what do you do? I know something like click to talk, but I am not
: supprised at all.

avatar
z*r
34
突然想起来,难道你做跟cisco ip radio什么类似的东西?

【在 z**r 的大作中提到】
: hehe, so what do you do? I know something like click to talk, but I am not
: supprised at all.

avatar
b*e
35
While you guys are enjoying discussing QoS, did anybody figure out the way to
solve LZ's problem yet?

concern
delay

【在 z**r 的大作中提到】
: I say latency is the No1 concern, doesn't mean the latency is the only concern
: . hehe
: comparing to video traffic, voice traffic needs much less buffers, and also
: ppl don't want to put too much into the buffer because thus causes huge delay
: easily, on the Push To Talk service, I used to see 5 seconds delay by the
: buffer. And for human beings character, delay is much more sensitive than
: jitter for VoIP
: traffic.
: For video traffic, if it's not interactive video game, which is so new and I
: have not s

avatar
z*r
36
其实买一个linksys WRT54G v4 or below的,就可以了,装了第三方firmware,pptp/
ipsec还有qos都有了。价钱俺的花了20,没有deal的时候,50左右?厚厚,当然稳定性还
有速度是不能跟business class的东西比勒。
哦,对了,俺的还装了openvpn在上面,可以搞ssl vpn,厚厚。linux就是好呀就是好

【在 b******e 的大作中提到】
: While you guys are enjoying discussing QoS, did anybody figure out the way to
: solve LZ's problem yet?
:
: concern
: delay

avatar
l*y
37
most latency is caused by the distance over wan, and how is the physical
links are connected, vs the logical network. unless there're much buffering
in the intermedia path, which i find it hard to imagine. i know by the
book large latency is no-no, yet we have some voip users doing, oh at
least 300ms, it sounds insane but very few complain.
video's killer is packet-loss, especially loss of the full frames.
btw, any good IP Push to Talk product to recommand? :)

concern
delay

【在 z**r 的大作中提到】
: I say latency is the No1 concern, doesn't mean the latency is the only concern
: . hehe
: comparing to video traffic, voice traffic needs much less buffers, and also
: ppl don't want to put too much into the buffer because thus causes huge delay
: easily, on the Push To Talk service, I used to see 5 seconds delay by the
: buffer. And for human beings character, delay is much more sensitive than
: jitter for VoIP
: traffic.
: For video traffic, if it's not interactive video game, which is so new and I
: have not s

avatar
l*y
38
btw, if you trade-in the 7900 with a 7960, you don't need to do dhcp,
7960 can do 3 ways:
fully dhcp: getting tftp server, default gateway all from dhcp
particial dhcp: getting only self ip and default gateway from dhcp,
tftp server static configured via TUI
full static: everything configured on the TUI.
you probably know this, i just mean it's not worth it to solve this
problem just to stick with a dumb phone. :)

【在 z**r 的大作中提到】
: what's the problem? the broadcast dscp request? a helper address should work
: for it, right?
:
: to

avatar
l*u
40
duo xie ge wei !
i am going to buy the router to try try.
hope i can somehow make it work. :)

【在 c*a 的大作中提到】
: I see your point. but wouldn't expect those feature (even if it claims,
: wouldn't actually trust those) on low end platform. The true hardware
: assisted packet forwarding firewalls has to be at least ns500 or above
: I'm sure PIX/FWSM and Nokia/Checkpoint may somewhat claim to have those
: QoS function in these firewalls. I like the way FWSM manages resource(CPU/MEM)
: on each instance, it has had the feature since a couple years ago
: not sure how, but it would nice to integrate peribit (another acquisit

avatar
z*r
41
keep in mind, make sure it can support QoS for your voip traffic, otherwise,
your voice quality will probably suffer when having heavy load on the link.
Also keep in mind, anti-spam/virus features don't come free, most likely,
you are going to have to pay annual fee for upgrading the virus/spam datebase.
Over all, that one looks really nice besides these 2 I mentioned. basically,
it's a firewall, and focused on security, instead of forwarding traffic.

【在 l****u 的大作中提到】
: duo xie ge wei !
: i am going to buy the router to try try.
: hope i can somehow make it work. :)

avatar
z*r
42
one-time-password is not a neccesary for ppp authentication, only required
when his compnay requires. Even he needs one-time-password, he always can
generate it on the secured and approved laptop from company IT, then use that
password for PPTP initiation on the router.
Guess what, I don't think his company really cares about much about security,
since they are even using PPTP, hehe, so I am pretty sure they don't use one-
time-password at all.
But I definately agree that to put home network on

【在 b******e 的大作中提到】
: While you guys are enjoying discussing QoS, did anybody figure out the way to
: solve LZ's problem yet?
:
: concern
: delay

avatar
l*y
43
gah, thanks for the info abuot push to talk, you won't believe what
we're doing even if i'm allowed to tell you. :P
for video, v. popular h.263 codec actually transfer a full frame from
time to time, and transfer the diff of the frame in between. so if you
keep lossing the full frame the video will be unrecognizable after a few
tens of seconds.
quite commonly, sip has info message to rectify this problem.
endpoints can request full frames from each other with info messages,
so you end up transm

【在 z**r 的大作中提到】
: as for the current internet backbone in US, the delay brought in by the
: backbone should be less 50ms, yes, as long as the one way latency for the voip
: is less than 150ms, it should be fine. However, in lots of cases, the other
: network components bring too much latency, say the media gateway, session
: boarder controller, etc. 2 way 300ms latency is the minimum requirement anyway
: . we are on the same page at this point.
: I thought the video packets are all small UDP packets, and since normally
: there

avatar
l*y
44
nah not even iptv... can not say, can not say :)))

【在 z**r 的大作中提到】
: 突然想起来,难道你做跟cisco ip radio什么类似的东西?
avatar
z*r
45
ok, this seemd a simple question, but when I double checked those cheap
business
class routers like Cisco 8xx, I found they don't support pptp, though they
support ipsec, l2tp, gre. I guess it's because pptp is just out of date?
however, when I checked out linksys router with the 3rd party firmware, like
ddwrt or openwrt, I found, both pptp client and server are supported.
Now the expense changes to 30 from 300

computers

【在 b******e 的大作中提到】
: No, find a cheap router that can work as PPTP client, and have home computers
: always on VPN.

avatar
z*r
46
yeah, this is mentioned in the dhcp stadards, right?

【在 l***y 的大作中提到】
: btw, if you trade-in the 7900 with a 7960, you don't need to do dhcp,
: 7960 can do 3 ways:
: fully dhcp: getting tftp server, default gateway all from dhcp
: particial dhcp: getting only self ip and default gateway from dhcp,
: tftp server static configured via TUI
: full static: everything configured on the TUI.
: you probably know this, i just mean it's not worth it to solve this
: problem just to stick with a dumb phone. :)

avatar
l*y
47
i don't see what's the benifit of supporting qos. you're traversing the
internet...

datebase.

【在 z**r 的大作中提到】
: keep in mind, make sure it can support QoS for your voip traffic, otherwise,
: your voice quality will probably suffer when having heavy load on the link.
: Also keep in mind, anti-spam/virus features don't come free, most likely,
: you are going to have to pay annual fee for upgrading the virus/spam datebase.
: Over all, that one looks really nice besides these 2 I mentioned. basically,
: it's a firewall, and focused on security, instead of forwarding traffic.

相关阅读
logo
联系我们隐私协议©2024 redian.news
Redian新闻
Redian.news刊载任何文章,不代表同意其说法或描述,仅为提供更多信息,也不构成任何建议。文章信息的合法性及真实性由其作者负责,与Redian.news及其运营公司无关。欢迎投稿,如发现稿件侵权,或作者不愿在本网发表文章,请版权拥有者通知本网处理。