Filter
Top Products
Chapter 1. Introduction to 3Com VCX IP
Telecommuting Module
Some of the functions of 3Com VCX IP Telecommuting Module are:
• SIP proxy: Forwarding of SIP requests.
• Protection against such attacks as address spoofing.
• Logging/alarm locally on the Telecommuting Module, via email and/or via syslog.
• Managing several logical/directly-connected networks and several network connections/physical networks.
• Administration of the Telecommuting Module through a web browser using http or https.
• Failover - connect two Telecommuting Modules in parallel; one handles traffic and the other acts as a hot standby.
• STUN server and Remote SIP Connectivity for SIP clients behind NAT boxes which are not SIP aware (using the
Remote SIP Connectivity module).
Note that some of the functions mentioned here are only available if the corresponding extension module has been
installed.
What is a Telecommuting Module?
A Telecommuting Module is a device which processes traffic under the SIP protocol (see RFC 3261). The
Telecommuting Module receives SIP requests, processes them according to the rules you have set up, and forwards
them to the receiver.
The Telecommuting Module connects to an existing enterprise firewall through a DMZ port, enabling the
transmission of SIP-based communications without affecting firewall security. SIP messages are then routed
through the firewall to the private IP addresses of authorized users on the internal network.
The Telecommuting Module can also be used as an extra gateway to the internal network without connecting to the
firewall, transmitting only SIP-based communications.
Configuration alternatives
The 3Com VCX IP Telecommuting Module can be connected to your network in three different ways, depending
on your needs.
Note that the interface which should receive traffic from the outside must have a public IP address (no NAT),
regardless of which Telecommuting Module Type was selected. For a DMZ or DMZ/LAN type, this means that
the interface connected to the DMZ of the firewall must have a public IP address.
DMZ Configuration
Using this configuration, the Telecommuting Module is located on the DMZ of your firewall, and connected to it
with only one interface. The SIP traffic finds its way to the Telecommuting Module using DNS or by setting the
Telecommuting Module as an outbound proxy on the clients.
This is the most secure configuration, since all traffic goes through both your firewall and your Telecommuting
Module. It is also the most flexible, since all networks connected to any of your firewall’s interfaces can be
SIP-enabled.
The drawback is that the SIP traffic will pass the firewall twice, which can decrease performance.
1