I have a couple of HDX-4500 units that I am deploying to users with a home office setup, i.e. a cable modem with a Cisco or Netgear router behind it.
Getting it to work is NOT a problem. I have the NAT traversal working, it's registering with the VBP-ST, places and recieves calls just fine, thank you. Users are quite pleased.
What *is* my issue is that because it is using a NAT'd address, I can not directly browse to and administer the unit in terms of pushing software updates, updating the Directory, etc.
It's not a serious problem but it does limit my ability to remotely support these video units. Does anyone know of any tricks to work around this?
It seems that RP VDM 400 (reincarnation of CMA 4000) or RP RM (CMA 5000) - depending of the number of devices to manage - are just you need. They are intended for centralized provision and S/W update and work fine with VBP-ST. More details can be found >>> here <<< and >>> here <<<.
Hope this could help.
Hi there :)
if you want to have full management, you would need another video border proxy (VBP-E) in the remote locations.
The simpler way would be to get some dyndns accounts for your remote locations (to have a fixed address for remote management), open port 80 on the router and forward that port to the lan ip of the vc machine (make sure, that your webinterface is password-protected).
Certainly the preferred way would be RP VDM 400 or RPRM as that would give you full control of the endpoints from a central location (e.g. you can proactively get alerted if something is wrong.)
If you don't have either of those, open/map port 80/443 in your firewall to the HDX, set an admin password and you can reach out and touch the EPs.
Take a look at the guide Polycom Recommended Best Security Practices for Unified Communications at http://bit.ly/1flKubO and see the note near the left-bottom of pg2.
"Organizations that cannot use a firewall to protect video endpoints for cost reasons should disable remote management through the Security -> Enable Remote Management configuration menu, ensuring that Web, Telnet, and SNMP are not selected. " For what you need to do, you're going to need to leave Web open. Please be sure to set a strong admin password!
Finally, keep an eye on http://www.polycom.com/security and your system properly patched.