date:20190904

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Ryan Ratliff (rratliff) via cisco-voip

Remember the cert presentation in a TLS setup happens after the server knows 
the client’s capabilities.

Try with a browser or ssl client that doesn’t support EC and see if you get the 
RSA cert.

Ryan Ratliff
Manager, Cisco Cloud Collaboration TAC
Standard Business Hours: 8:00AM-5:00PM EDT
Email: rratl...@cisco.com
Office: +1 919-476-2081
Mobile: +1-919-225-0448
Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209

From: Brian Meade 
Date: Wednesday, September 4, 2019 at 1:59 PM
To: Anthony Holloway 
Cc: Tim Smith , Ryan Ratliff , 
cisco-voip list 
Subject: Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

This was on an 11.5 cluster without that setting changed from default.  I'm 
wondering if that setting doesn't potentially change it everywhere.

On Wed, Sep 4, 2019 at 12:18 PM Anthony Holloway 
mailto:avholloway%2bcisco-v...@gmail.com>> 
wrote:
So Brian, you (or someone) has then changed the HTTPS Ciphers Enterprise 
Parameter to use EC certs then?  Because that's not the default setting.

On Wed, Sep 4, 2019 at 10:20 AM Brian Meade 
mailto:bmead...@vt.edu>> wrote:
Some customers of mine with Linux environments connect to the CCMAdmin pages 
with the EC certs.  It's definitely a good idea to get those signed.

On Tue, Sep 3, 2019 at 11:06 PM Tim Smith 
mailto:tim.sm...@enject.com.au>> wrote:
Is it time to start getting our EC certs signed as well?


From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
on behalf of "cisco-voip@puck.nether.net" 
mailto:cisco-voip@puck.nether.net>>
Reply to: "Ryan Ratliff (rratliff)" 
mailto:rratl...@cisco.com>>
Date: Wednesday, 4 September 2019 at 1:02 pm
To: Anthony Holloway 
mailto:avholloway%2bcisco-v...@gmail.com>>, 
"cisco-voip@puck.nether.net" 
mailto:cisco-voip@puck.nether.net>>
Subject: Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

TCP/6972 is hosted by the TFTP service specifically for secure download of 
configuration files and firmware (HTTPS using the Callmanager-EC cert) by 
endpoints. It’s using EC because only endpoints that support strong encryption 
will use support HTTPS downloads via TFTP.
TCP/6970 is for the same as HTTP
TCP/6971 is for the same as HTTPS using the Tomcat certificate (for Jabber)

None of these are intended to be used by your browser, though it works 
perfectly well for testing and troubleshooting.

Ryan Ratliff
Manager, Cisco Cloud Collaboration TAC
Standard Business Hours: 8:00AM-5:00PM EDT
Email: rratl...@cisco.com
Office: +1 919-476-2081
Mobile: +1-919-225-0448
Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209

From: cisco-voip 
mailto:cisco-voip-boun...@puck.nether.net>> 
on behalf of Anthony Holloway 
mailto:avholloway%2bcisco-v...@gmail.com>>
Date: Tuesday, September 3, 2019 at 10:03 PM
To: cisco-voip list 
mailto:cisco-voip@puck.nether.net>>
Subject: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

So, I just ran into something interesting where someone else took care of the 
certs for a CUCM I now have access to, and while the main CCMAdmin pages load 
fine in my browser with a full chain of trust, the 6972 page(s) are being 
delivered as EC certs, which were not signed, and thus, I get a warning in my 
browser.

Now, I have other CUCM deployments under my belt where the Tomcat RSA certs are 
signed and EC not, because the default setting for CUCM is to not use EC certs 
until you tell it to.  These deployments still present the RSA cert to me for 
6972.

The only difference is the SU6 part.

I couldn't find anything in the release notes nor in the bug search, and so I'm 
wondering if any of you know what might be happening.

I tried toggling the HTTP Ciphers from RSA only to All and back again, but that 
didn't work.

I tried re-uploading the RSA cert chain, starting from root, and then back 
through the 2 intermediates (yes, three layers deep, it's a public CA chain).

I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted the 
cluster, and I'm just at a loss.  It's not that big of a deal, it just bothers 
me that I don't know why it's doing this.
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Brian Meade

This was on an 11.5 cluster without that setting changed from default.  I'm
wondering if that setting doesn't potentially change it everywhere.

On Wed, Sep 4, 2019 at 12:18 PM Anthony Holloway <
avholloway+cisco-v...@gmail.com> wrote:

> So Brian, you (or someone) has then changed the HTTPS Ciphers Enterprise
> Parameter to use EC certs then?  Because that's not the default setting.
>
> On Wed, Sep 4, 2019 at 10:20 AM Brian Meade  wrote:
>
>> Some customers of mine with Linux environments connect to the CCMAdmin
>> pages with the EC certs.  It's definitely a good idea to get those signed.
>>
>> On Tue, Sep 3, 2019 at 11:06 PM Tim Smith 
>> wrote:
>>
>>> Is it time to start getting our EC certs signed as well?
>>>
>>>
>>>
>>>
>>>
>>> *From: *cisco-voip  on behalf of "
>>> cisco-voip@puck.nether.net" 
>>> *Reply to: *"Ryan Ratliff (rratliff)" 
>>> *Date: *Wednesday, 4 September 2019 at 1:02 pm
>>> *To: *Anthony Holloway , "
>>> cisco-voip@puck.nether.net" 
>>> *Subject: *Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>>>
>>>
>>>
>>> TCP/6972 is hosted by the TFTP service specifically for secure download
>>> of configuration files and firmware (HTTPS using the Callmanager-EC cert)
>>> by endpoints. It’s using EC because only endpoints that support strong
>>> encryption will use support HTTPS downloads via TFTP.
>>>
>>> TCP/6970 is for the same as HTTP
>>>
>>> TCP/6971 is for the same as HTTPS using the Tomcat certificate (for
>>> Jabber)
>>>
>>>
>>> None of these are intended to be used by your browser, though it works
>>> perfectly well for testing and troubleshooting.
>>>
>>>
>>>
>>> Ryan Ratliff
>>>
>>> Manager, Cisco Cloud Collaboration TAC
>>>
>>> Standard Business Hours: 8:00AM-5:00PM EDT
>>> Email: rratl...@cisco.com
>>>
>>> Office: +1 919-476-2081
>>>
>>> Mobile: +1-919-225-0448
>>>
>>> Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209
>>>
>>>
>>>
>>> *From: *cisco-voip  on behalf of
>>> Anthony Holloway 
>>> *Date: *Tuesday, September 3, 2019 at 10:03 PM
>>> *To: *cisco-voip list 
>>> *Subject: *[cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>>>
>>>
>>>
>>> So, I just ran into something interesting where someone else took care
>>> of the certs for a CUCM I now have access to, and while the main CCMAdmin
>>> pages load fine in my browser with a full chain of trust, the 6972 page(s)
>>> are being delivered as EC certs, which were not signed, and thus, I get a
>>> warning in my browser.
>>>
>>>
>>>
>>> Now, I have other CUCM deployments under my belt where the Tomcat RSA
>>> certs are signed and EC not, because the default setting for CUCM is to not
>>> use EC certs until you tell it to.  These deployments still present the RSA
>>> cert to me for 6972.
>>>
>>>
>>>
>>> The only difference is the SU6 part.
>>>
>>>
>>>
>>> I couldn't find anything in the release notes nor in the bug search, and
>>> so I'm wondering if any of you know what might be happening.
>>>
>>>
>>>
>>> I tried toggling the HTTP Ciphers from RSA only to All and back again,
>>> but that didn't work.
>>>
>>>
>>>
>>> I tried re-uploading the RSA cert chain, starting from root, and then
>>> back through the 2 intermediates (yes, three layers deep, it's a public CA
>>> chain).
>>>
>>>
>>>
>>> I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted
>>> the cluster, and I'm just at a loss.  It's not that big of a deal, it just
>>> bothers me that I don't know why it's doing this.
>>> ___
>>> cisco-voip mailing list
>>> cisco-voip@puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>
>>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Anthony Holloway

So Brian, you (or someone) has then changed the HTTPS Ciphers Enterprise
Parameter to use EC certs then?  Because that's not the default setting.

On Wed, Sep 4, 2019 at 10:20 AM Brian Meade  wrote:

> Some customers of mine with Linux environments connect to the CCMAdmin
> pages with the EC certs.  It's definitely a good idea to get those signed.
>
> On Tue, Sep 3, 2019 at 11:06 PM Tim Smith  wrote:
>
>> Is it time to start getting our EC certs signed as well?
>>
>>
>>
>>
>>
>> *From: *cisco-voip  on behalf of "
>> cisco-voip@puck.nether.net" 
>> *Reply to: *"Ryan Ratliff (rratliff)" 
>> *Date: *Wednesday, 4 September 2019 at 1:02 pm
>> *To: *Anthony Holloway , "
>> cisco-voip@puck.nether.net" 
>> *Subject: *Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>>
>>
>>
>> TCP/6972 is hosted by the TFTP service specifically for secure download
>> of configuration files and firmware (HTTPS using the Callmanager-EC cert)
>> by endpoints. It’s using EC because only endpoints that support strong
>> encryption will use support HTTPS downloads via TFTP.
>>
>> TCP/6970 is for the same as HTTP
>>
>> TCP/6971 is for the same as HTTPS using the Tomcat certificate (for
>> Jabber)
>>
>>
>> None of these are intended to be used by your browser, though it works
>> perfectly well for testing and troubleshooting.
>>
>>
>>
>> Ryan Ratliff
>>
>> Manager, Cisco Cloud Collaboration TAC
>>
>> Standard Business Hours: 8:00AM-5:00PM EDT
>> Email: rratl...@cisco.com
>>
>> Office: +1 919-476-2081
>>
>> Mobile: +1-919-225-0448
>>
>> Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209
>>
>>
>>
>> *From: *cisco-voip  on behalf of
>> Anthony Holloway 
>> *Date: *Tuesday, September 3, 2019 at 10:03 PM
>> *To: *cisco-voip list 
>> *Subject: *[cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>>
>>
>>
>> So, I just ran into something interesting where someone else took care of
>> the certs for a CUCM I now have access to, and while the main CCMAdmin
>> pages load fine in my browser with a full chain of trust, the 6972 page(s)
>> are being delivered as EC certs, which were not signed, and thus, I get a
>> warning in my browser.
>>
>>
>>
>> Now, I have other CUCM deployments under my belt where the Tomcat RSA
>> certs are signed and EC not, because the default setting for CUCM is to not
>> use EC certs until you tell it to.  These deployments still present the RSA
>> cert to me for 6972.
>>
>>
>>
>> The only difference is the SU6 part.
>>
>>
>>
>> I couldn't find anything in the release notes nor in the bug search, and
>> so I'm wondering if any of you know what might be happening.
>>
>>
>>
>> I tried toggling the HTTP Ciphers from RSA only to All and back again,
>> but that didn't work.
>>
>>
>>
>> I tried re-uploading the RSA cert chain, starting from root, and then
>> back through the 2 intermediates (yes, three layers deep, it's a public CA
>> chain).
>>
>>
>>
>> I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted
>> the cluster, and I'm just at a loss.  It's not that big of a deal, it just
>> bothers me that I don't know why it's doing this.
>> ___
>> cisco-voip mailing list
>> cisco-voip@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Anthony Holloway

Thanks Tim, but you may have missed it in my lengthy starter email, but I
already deactivated/re-activated TFTP.

On Tue, Sep 3, 2019 at 9:57 PM Tim Smith  wrote:

> Im on the road, but there was a similar bug for this. Can’t seem to find
> it.
>
> It’s TFTP based issue from memory.
>
> You had to de-activate and re-activate the TFTP services.
>
>
>
>
>
> *From: *cisco-voip  on behalf of
> Anthony Holloway 
> *Date: *Wednesday, 4 September 2019 at 12:03 pm
> *To: *"cisco-voip@puck.nether.net" 
> *Subject: *[cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>
>
>
> So, I just ran into something interesting where someone else took care of
> the certs for a CUCM I now have access to, and while the main CCMAdmin
> pages load fine in my browser with a full chain of trust, the 6972 page(s)
> are being delivered as EC certs, which were not signed, and thus, I get a
> warning in my browser.
>
>
>
> Now, I have other CUCM deployments under my belt where the Tomcat RSA
> certs are signed and EC not, because the default setting for CUCM is to not
> use EC certs until you tell it to.  These deployments still present the RSA
> cert to me for 6972.
>
>
>
> The only difference is the SU6 part.
>
>
>
> I couldn't find anything in the release notes nor in the bug search, and
> so I'm wondering if any of you know what might be happening.
>
>
>
> I tried toggling the HTTP Ciphers from RSA only to All and back again, but
> that didn't work.
>
>
>
> I tried re-uploading the RSA cert chain, starting from root, and then back
> through the 2 intermediates (yes, three layers deep, it's a public CA
> chain).
>
>
>
> I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted the
> cluster, and I'm just at a loss.  It's not that big of a deal, it just
> bothers me that I don't know why it's doing this.
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Anthony Holloway

So Ryan, I just tried 6971, and I am getting an EC cert there too.

[image: image.png]

Also, I can confirm that Jabber is using 6972, as it shows up in the
Diagnostics (CTRL+Shift+D) window as such:

[image: image.png]

Thoughts on those updates?


On Tue, Sep 3, 2019 at 10:02 PM Ryan Ratliff (rratliff) 
wrote:

> TCP/6972 is hosted by the TFTP service specifically for secure download of
> configuration files and firmware (HTTPS using the Callmanager-EC cert) by
> endpoints. It’s using EC because only endpoints that support strong
> encryption will use support HTTPS downloads via TFTP.
>
> TCP/6970 is for the same as HTTP
>
> TCP/6971 is for the same as HTTPS using the Tomcat certificate (for Jabber)
>
>
> None of these are intended to be used by your browser, though it works
> perfectly well for testing and troubleshooting.
>
>
>
> Ryan Ratliff
>
> Manager, Cisco Cloud Collaboration TAC
>
> Standard Business Hours: 8:00AM-5:00PM EDT
> Email: rratl...@cisco.com
>
> Office: +1 919-476-2081
>
> Mobile: +1-919-225-0448
>
> Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209
>
>
>
> *From: *cisco-voip  on behalf of
> Anthony Holloway 
> *Date: *Tuesday, September 3, 2019 at 10:03 PM
> *To: *cisco-voip list 
> *Subject: *[cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>
>
>
> So, I just ran into something interesting where someone else took care of
> the certs for a CUCM I now have access to, and while the main CCMAdmin
> pages load fine in my browser with a full chain of trust, the 6972 page(s)
> are being delivered as EC certs, which were not signed, and thus, I get a
> warning in my browser.
>
>
>
> Now, I have other CUCM deployments under my belt where the Tomcat RSA
> certs are signed and EC not, because the default setting for CUCM is to not
> use EC certs until you tell it to.  These deployments still present the RSA
> cert to me for 6972.
>
>
>
> The only difference is the SU6 part.
>
>
>
> I couldn't find anything in the release notes nor in the bug search, and
> so I'm wondering if any of you know what might be happening.
>
>
>
> I tried toggling the HTTP Ciphers from RSA only to All and back again, but
> that didn't work.
>
>
>
> I tried re-uploading the RSA cert chain, starting from root, and then back
> through the 2 intermediates (yes, three layers deep, it's a public CA
> chain).
>
>
>
> I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted the
> cluster, and I'm just at a loss.  It's not that big of a deal, it just
> bothers me that I don't know why it's doing this.
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Anthony Holloway

Thanks Ryan.  When did this change exactly?  I have been using 6972 for
pulling jabber-config.xml (and other TFTP files) off of the TFTP server for
a few years now, and this is the first time I've seen an EC cert presented
to me.

On Tue, Sep 3, 2019 at 10:02 PM Ryan Ratliff (rratliff) 
wrote:

> TCP/6972 is hosted by the TFTP service specifically for secure download of
> configuration files and firmware (HTTPS using the Callmanager-EC cert) by
> endpoints. It’s using EC because only endpoints that support strong
> encryption will use support HTTPS downloads via TFTP.
>
> TCP/6970 is for the same as HTTP
>
> TCP/6971 is for the same as HTTPS using the Tomcat certificate (for Jabber)
>
>
> None of these are intended to be used by your browser, though it works
> perfectly well for testing and troubleshooting.
>
>
>
> Ryan Ratliff
>
> Manager, Cisco Cloud Collaboration TAC
>
> Standard Business Hours: 8:00AM-5:00PM EDT
> Email: rratl...@cisco.com
>
> Office: +1 919-476-2081
>
> Mobile: +1-919-225-0448
>
> Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209
>
>
>
> *From: *cisco-voip  on behalf of
> Anthony Holloway 
> *Date: *Tuesday, September 3, 2019 at 10:03 PM
> *To: *cisco-voip list 
> *Subject: *[cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>
>
>
> So, I just ran into something interesting where someone else took care of
> the certs for a CUCM I now have access to, and while the main CCMAdmin
> pages load fine in my browser with a full chain of trust, the 6972 page(s)
> are being delivered as EC certs, which were not signed, and thus, I get a
> warning in my browser.
>
>
>
> Now, I have other CUCM deployments under my belt where the Tomcat RSA
> certs are signed and EC not, because the default setting for CUCM is to not
> use EC certs until you tell it to.  These deployments still present the RSA
> cert to me for 6972.
>
>
>
> The only difference is the SU6 part.
>
>
>
> I couldn't find anything in the release notes nor in the bug search, and
> so I'm wondering if any of you know what might be happening.
>
>
>
> I tried toggling the HTTP Ciphers from RSA only to All and back again, but
> that didn't work.
>
>
>
> I tried re-uploading the RSA cert chain, starting from root, and then back
> through the 2 intermediates (yes, three layers deep, it's a public CA
> chain).
>
>
>
> I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted the
> cluster, and I'm just at a loss.  It's not that big of a deal, it just
> bothers me that I don't know why it's doing this.
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

2019-09-04 Thread Brian Meade

Some customers of mine with Linux environments connect to the CCMAdmin
pages with the EC certs.  It's definitely a good idea to get those signed.

On Tue, Sep 3, 2019 at 11:06 PM Tim Smith  wrote:

> Is it time to start getting our EC certs signed as well?
>
>
>
>
>
> *From: *cisco-voip  on behalf of "
> cisco-voip@puck.nether.net" 
> *Reply to: *"Ryan Ratliff (rratliff)" 
> *Date: *Wednesday, 4 September 2019 at 1:02 pm
> *To: *Anthony Holloway , "
> cisco-voip@puck.nether.net" 
> *Subject: *Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>
>
>
> TCP/6972 is hosted by the TFTP service specifically for secure download of
> configuration files and firmware (HTTPS using the Callmanager-EC cert) by
> endpoints. It’s using EC because only endpoints that support strong
> encryption will use support HTTPS downloads via TFTP.
>
> TCP/6970 is for the same as HTTP
>
> TCP/6971 is for the same as HTTPS using the Tomcat certificate (for Jabber)
>
>
> None of these are intended to be used by your browser, though it works
> perfectly well for testing and troubleshooting.
>
>
>
> Ryan Ratliff
>
> Manager, Cisco Cloud Collaboration TAC
>
> Standard Business Hours: 8:00AM-5:00PM EDT
> Email: rratl...@cisco.com
>
> Office: +1 919-476-2081
>
> Mobile: +1-919-225-0448
>
> Cisco U.S. Contact Numbers: +1-800-553-2447 or +1-408-526-7209
>
>
>
> *From: *cisco-voip  on behalf of
> Anthony Holloway 
> *Date: *Tuesday, September 3, 2019 at 10:03 PM
> *To: *cisco-voip list 
> *Subject: *[cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs
>
>
>
> So, I just ran into something interesting where someone else took care of
> the certs for a CUCM I now have access to, and while the main CCMAdmin
> pages load fine in my browser with a full chain of trust, the 6972 page(s)
> are being delivered as EC certs, which were not signed, and thus, I get a
> warning in my browser.
>
>
>
> Now, I have other CUCM deployments under my belt where the Tomcat RSA
> certs are signed and EC not, because the default setting for CUCM is to not
> use EC certs until you tell it to.  These deployments still present the RSA
> cert to me for 6972.
>
>
>
> The only difference is the SU6 part.
>
>
>
> I couldn't find anything in the release notes nor in the bug search, and
> so I'm wondering if any of you know what might be happening.
>
>
>
> I tried toggling the HTTP Ciphers from RSA only to All and back again, but
> that didn't work.
>
>
>
> I tried re-uploading the RSA cert chain, starting from root, and then back
> through the 2 intermediates (yes, three layers deep, it's a public CA
> chain).
>
>
>
> I've restarted Tomcat, I've deactivated/reactivate TFTP, I've rebooted the
> cluster, and I'm just at a loss.  It's not that big of a deal, it just
> bothers me that I don't know why it's doing this.
> ___
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] vg310/320 or ISR4K with analog modules

2019-09-04 Thread Lelio Fulgenzi

Yeah - I’m a little confused about the new 4K line. There’s one model that you 
have to populate both slots or it won’t pass configuration. Not sure why.

I did some comparisons between 310/320 and 4K and I think the 310/320 came out 
ahead. I’d have to go back and check.

-sent from mobile device-

Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 
2W1
519-824-4120 Ext. 56354 | 
le...@uoguelph.ca

www.uoguelph.ca/ccs | @UofGCCS on Instagram, 
Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

On Sep 4, 2019, at 4:33 AM, James Andrewartha 
mailto:jandrewar...@ccgs.wa.edu.au>> wrote:

Hi list,

I just got quoted for replacing our 2x 2921s and 3x VG224s with 2x 4431s and a 
VG310 with PVDM3-64. We only need 10 or so FXS ports now (faxing is almost 
dead, and just a few lift phones), should I be asking for a SM-X-16FXS/2FXO 
instead of the VG310? We're migrating from ISDN to SIP at the same time so 
presumably the 32 DSPs in the 4431 should suffice? Oh wait, the 4431 has no 
service module slots ... 3x NIM-4FXSP perhaps then.

Thanks,

--
James Andrewartha
Network & Projects Engineer
Christ Church Grammar School
Claremont, Western Australia
Ph. (08) 9442 1757
Mob. 0424 160 877

On 05/04/19 03:07, Lelio Fulgenzi wrote:
Just to get this back on track a bit – I tried configuring base ISR4431 w/ 
24FXS and ISR4451 w/72FXS and the per port cost is significantly more than the 
VG310/VG320 solution.

I’m going to reach out to my acct team to see if there’s anything on the 
horizon. Maybe something will be announced at Cisco live.


---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | le...@uoguelph.ca

www.uoguelph.ca/ccs | @UofGCCS on Instagram, 
Twitter and Facebook



From: cisco-voip 
 
On Behalf Of Lelio Fulgenzi
Sent: Wednesday, April 3, 2019 2:35 PM
To: voyp list, cisco-voip 
(cisco-voip@puck.nether.net) 

Subject: [cisco-voip] vg310/320 or ISR4K with analog modules


I see the VG350 has pretty much been EOL’d (February 29, 2024) in favour of 
ISR4K with high density voice service modules or a VG450 (which is ISR4K based).

https://www.cisco.com/c/en/us/products/collateral/unified-communications/vg-series-gateways/eos-eol-notice-c51-741597.html

Anybody know if the VG310 and VG320 is going that path? It would be hard to 
assume so, since the VG400s are very low density and look like they’re 
replacing the VG202/VG204.

I can’t imagine having to fork out for a ISR4K for 24 or 48 analog ports.

Thoughts?


---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | le...@uoguelph.ca

www.uoguelph.ca/ccs | @UofGCCS on Instagram, 
Twitter and Facebook






___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip



___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] vg310/320 or ISR4K with analog modules

2019-09-04 Thread James Andrewartha

Hi list,

I just got quoted for replacing our 2x 2921s and 3x VG224s with 2x 4431s
and a VG310 with PVDM3-64. We only need 10 or so FXS ports now (faxing
is almost dead, and just a few lift phones), should I be asking for a
SM-X-16FXS/2FXO instead of the VG310? We're migrating from ISDN to SIP
at the same time so presumably the 32 DSPs in the 4431 should suffice?
Oh wait, the 4431 has no service module slots ... 3x NIM-4FXSP perhaps then.

Thanks,

-- 
James Andrewartha
Network & Projects Engineer
Christ Church Grammar School
Claremont, Western Australia
Ph. (08) 9442 1757
Mob. 0424 160 877


On 05/04/19 03:07, Lelio Fulgenzi wrote:
>
> Just to get this back on track a bit – I tried configuring base
> ISR4431 w/ 24FXS and ISR4451 w/72FXS and the per port cost is
> significantly more than the VG310/VG320 solution.
>
>  
>
> I’m going to reach out to my acct team to see if there’s anything on
> the horizon. Maybe something will be announced at Cisco live.
>
>  
>
>  
>
> ---
>
> *Lelio Fulgenzi, B.A.*| Senior Analyst
>
> Computing and Communications Services| University of Guelph
>
> Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON
> | N1G 2W1
>
> 519-824-4120 Ext. 56354 | le...@uoguelph.ca 
>
>  
>
> www.uoguelph.ca/ccs | @UofGCCS on
> Instagram, Twitter and Facebook
>
>  
>
> University of Guelph Cornerstone with Improve Life tagline
>
>  
>
> *From:* cisco-voip  *On Behalf Of
> *Lelio Fulgenzi
> *Sent:* Wednesday, April 3, 2019 2:35 PM
> *To:* voyp list, cisco-voip (cisco-voip@puck.nether.net)
> 
> *Subject:* [cisco-voip] vg310/320 or ISR4K with analog modules
>
>  
>
>  
>
> I see the VG350 has pretty much been EOL’d (February 29, 2024) in
> favour of ISR4K with high density voice service modules or a VG450
> (which is ISR4K based).
>
>  
>
> https://www.cisco.com/c/en/us/products/collateral/unified-communications/vg-series-gateways/eos-eol-notice-c51-741597.html
>
>  
>
> Anybody know if the VG310 and VG320 is going that path? It would be
> hard to assume so, since the VG400s are very low density and look like
> they’re replacing the VG202/VG204.
>
>  
>
> I can’t imagine having to fork out for a ISR4K for 24 or 48 analog ports.
>
>  
>
> Thoughts?
>
>  
>
>  
>
> ---
>
> *Lelio Fulgenzi, B.A.*| Senior Analyst
>
> Computing and Communications Services| University of Guelph
>
> Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON
> | N1G 2W1
>
> 519-824-4120 Ext. 56354 | le...@uoguelph.ca 
>
>  
>
> www.uoguelph.ca/ccs | @UofGCCS on
> Instagram, Twitter and Facebook
>
>  
>
> University of Guelph Cornerstone with Improve Life tagline
>
>  
>
>
>
> ___
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip


___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] CUCM 11.5(1)SU6, Port 6972 and EC Certs

Re: [cisco-voip] vg310/320 or ISR4K with analog modules

Re: [cisco-voip] vg310/320 or ISR4K with analog modules

9 matches

Site Navigation

Mail list logo

Footer information