Manualshelf

Specifications

ManualsBrandsShoreTel ManualsComputer equipmentMobility Router 4000
51525354555657585960
Managing Remote Access Before You Begin
6
ShoreTel Mobility Router Administration Guide 42
Before You Begin
Before you start configuring remote access, make sure you have the following:
You have received the Secure Remote Voice key.
You have access to a Public IP address with traffic allowed on TCP and UDP ports. If your network
includes a firewall, make sure that the firewall allows external traffic to and from the IP address
and its TCP and UDP ports. For Port Range information, refer to “Mobility Router Ports” on
page 307.
You need to create a new block of IP addresses to be used for remote-access clients (client IP
pool) or use an exclusion in an existing block of IP addresses.
If you are using the eth0 and eth1 interfaces to configure Secure Remote Voice, make sure that
the eth0 and eth1 IP addresses are not in the same subnet.
If you intend to assign an internal IP address to the eth1 interface and use NAT to map a publicly
accessible IP address on a firewall to the eth1 IP address, you must configure your firewall:
Add firewall rules to map the public IP address to the eth1 IP address.
If you are going to use different numbers for the publicly accessible ports on the firewall and
the Mobility Router port that listens for remote-access traffic, you must configure port
forwarding on the firewall.
You need to configure the default gateway if the Client IP Pool is not in the same subnet as the
eth0 interface. When in the same subnet, proxy ARP forces packets destined for the Client IP Pool
addresses to route to eth0.
If you have a redundancy cluster, make sure you do the following:
If you are configuring Secure Remote Voice, make sure that you have two licenses—one for
each Mobility Router in the cluster. You must install both licenses on each Mobility Router.
Access the physical IP of each Mobility Router to install each license.
Access the virtual IP address of the redundancy cluster to configure remote access.
WARNING!
Firewall Traversal Requirements: If the ShoreTel Mobility Router is deployed in a network topology
where there is a firewall between the Mobility Router and the PBX, firewall rules need to be configured
to allow the SIP call signaling and RTP voice media packets to traverse the network.