×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Teleworker Help

Teleworker Help

Teleworker Help

(OP)
If i am using Teleworker in server only mode in a dmz with a private static ip address do i also need a dedicated public address to route to this from the firewall or do i tell the remote phones to point to the company public address on the firewall which will forward the specific ports to the MAS server?

Any help as i am really confused

thanks

RE: Teleworker Help

Hi,

I have never really configured Teleworker in server only mode. You should configure the phones with a dedicated public IP address. The company should have more than one allocated. Use one of them. You then use the firewall to route all requests to this IP address to your internal IP for your MAS.

Hope this helps. It's a lot easier to use the MAS server in gateway mode

RE: Teleworker Help

(OP)
Cheers Mitelpassion

that makes sense now

RE: Teleworker Help

As Mitelpassion said, The company should have more than one allocated. Use one of them. You then use the firewall to route all requests to this IP address to your internal IP for your MAS.

The MAS server needs to be connected to a DMZ port on the company firewall, "THIS HAS TO BE A TRUE DMZ" otherwise you will have problems.

You will also need ports to be opened up on the Company firewall as this will be required to allow the phone to boot up and also allow the voice to pass either way.

Here are the ports that will required to be opened,
TCP 22(SSH) Server-Internet
TCP 443(HTTPS) Server-Internet
TCP 443(HTTPS) Server-LAN
TCP 6800,6801 and 6802 Server-LAN
TCP 6800,6801 and 6802 Server-ICP's
TCP 6801,6802 Server-Internet
UDP 69 Server-Internet
UDP 20,000 to 23,000 (RTP) Server-Internet
UDP 1024 to 65,535 (RTP) Server-LAN
UDP 1024 to 65,535 (RTP) LAN-Server

“Server” refers to the Mitel 6000 MAS

There is other ports to open up, this is only required if using a 5235 handset as a remote phone.

Hope this helps.

I think the reason many engineers set a teleworker as a ServerGateway is it bypasses the need to configure firewalls and DMZ, and makes the job alot less difficult.


RE: Teleworker Help

(OP)
Thanks Andy

Do you not find that most customers prefer to use and manage their own firewall and already have a firewall in place?

RE: Teleworker Help

Just to add to the true DMZ statement. A true DMZ is a firewall with 3 or more ports or network cards. In other words a port or network card dedicated to the DMZ.

There are ways of setting up a DMZ with two network cards doing port forwarding and all types of fancy footwork. This type of configuration is not supported for Teleworker.

RE: Teleworker Help

(OP)
what extra ports need to be open  for the 5235 handset?

RE: Teleworker Help

Out of all the Teleworkers I have installed only two of them have been as a Server Gateway, Most customers will or would like to control what connects to their network and are a bit concerned that the Teleworker might end up being a weak link onto their network from the out side?

Just to make things a little harder, Mitel do not support firewalls at the customer end however they do support routers at the remote end, which you can find a list through the Teleworker documentation.

As for the Extra ports required for the connection of a 5235 are as follows,
TCP 3998/9 Internet-Server   For the 5235
TCP 6880   Internet-Server   For the 5235

TCP 3999   Server-LAN  These are configured automatically
TCP 80     Server-LAN   When setup as a Server/Gateway

TCP 3300 (VFA) Server-Internet and Server-LAN    Optional VoiceFirst


Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close