Here's a little challenge for you...

I have a client with about 20 new Polycom VSXs on their own internal network (IP and ISDN).

We want to be able to access the remote management side of things, WITHOUT being logged into their network. Is there a reliable way that we can have some kind of intermediary to get us on to their system, so that we can make calls from them, without actually BEING on their network?

answers on a postcard please :)

So is this an island network? It seems a pity that you can’t just setup an encrypted VPN or use some kind of remote access application (i.e. pc anywere). My first thought, although a bit expensive, would be to put a control system (amx, crestron, extron etc) on each codec and then put those control systems on an overlay network. I’ve seen this done in a few odd situations and the security/reliability of it is generally very good. If you can give us a bit more information then maybe some better answers will arise. This is provided that you don’t have to shoot us for telling us :)

IF your customer has a decent firewall with a DMZ, this is the way I would solve your problem.

I would put a PC-server on their DMZ. You can access it using VNC or something. This server would only be accessed from your own companys IP(firewall) (This is a config on your customers firewall)

This PC is allowed to access the 20 or so polycom systems IP-numbers inside of your customers net, and ONLY those IP addresses. (Also achieved with your customers firewall)
[You could even specify a limited set of ports ON each system, port 80 only as an example]

If you then need to surf onto one of the polycom systems, you first connect your VNC-viewer to the PC on the DMZ.
Launch the webbrowser on that PC and connect to any of the polycom systems.

This would be a fairly safe way of doing this.

//Robert - Hey, I wan't royalties for this idea ;^D

Hi Robert

this sounds intriguing. I shall feed this back and see what happens....my next wrinkle is seeing if TMS will be supported :D

Hi Robert

this sounds intriguing. I shall feed this back and see what happens....my next wrinkle is seeing if TMS will be supported :D

Talking TMS... The PC server in my example could ofcourse be a TMS server, but then you probably have a bit more complex firewall configuration ahead of you. Since you also have to allow the polycoms to send sntp traps out to the server on the DMZ. But this wouldn't be a problem for a experienced firewall-guy.

//Robert

Whata about the GMS softwared does anyone have any idea if that could work?

Isn´t it enuff for the VSX to be able to acces the GMS network for those comunications to take place?

GMS will not work as GMS cannot setup calls or manage endpoint settings itself, but just tries to give you a direct web-link to the endpoints webinterface which you - outside the firewall - do not have access to.
If you configure you firewall to give you access to a TMS server inside the network (you only need to open fw for http traffic) you can manage and configure any endpoints whether its Polycom or TANDBERG (or other vendors) and setup calls to and from them by using TMS.

D

GMS will not work as GMS cannot setup calls or manage endpoint settings itself, but just tries to give you a direct web-link to the endpoints webinterface which you - outside the firewall - do not have access to.
If you configure you firewall to give you access to a TMS server inside the network (you only need to open fw for http traffic) you can manage and configure any endpoints whether its Polycom or TANDBERG (or other vendors) and setup calls to and from them by using TMS.

D


Using my idea, where you open up for a VNC viewer you can choose whatever software you want, TMS or GMS.

Sometimes in TMS you need to connect directly to the codecs too from your browser.

//Robert

Using my idea, where you open up for a VNC viewer you can choose whatever software you want, TMS or GMS.

Sometimes in TMS you need to connect directly to the codecs too from your browser.

//Robert

You're ignoring the point.. GMS will not do it because GMS does not have any control features.. only gives you hotlinks to the units themselves. At that point you are better off just having a bookmark page :)

At least TMS will give you dialing control. THis way all you need is web open to the PC 'host'.

yeah, TMS and GMS are not completely comparable. These are all a great help so far. Anyone else had any experience of remote accessing a client network? We are trying to convince the customer that there is little hacking you can do from the back of a VSX...