We have had this phone system for 2 years now, and you have to believe me, there is no IP addresses on the phones. There is communication between mac address to mac address. Adding VOIP is additional, where we then would assign IP addresses to the phones. We have been working just fine this way all this time with no IP addresses. I am the one trying to get this working over the public internet without buying the IP license. I thought it possible after I did a google search on layer 2 vpn, and found companies doing it, and cisco bought some of the hardware tech to make it happen, but it appears to be big enterprise type stuff, isp, asp kinda scope, not for the small bussness. All it has to do is keep a mac address table, and know where the destination mac lives. If it lives across the internet, encapsulate it in IP, send it to the other layer 2 vpn device, unencapsulate it, and send it on through the network. As far as your question John, you CAN transport with just mac. Just not route. Remember the old ways to set up a network printer the first time? You used a utility to communicate directly with the mac address, and set the IP from there. These phones are ethernet devices themselves. They have ethernet ports and a 2 port switch. One goes to the hub or switch, and the other goes to your computer if you have one, so you don't have to run new cable. If there were affordable layer2 vpn devices, seems like it would be fairly secure, because not only would you have to spoof an IP to intercept it, but then change your mac address too. Thanks Jeff Sloan Network Administrator Cross Oil Refining & Marketing, Inc. 484 E. 6th St. Smackover, AR 71762 Phone 870-864-8688 Fax 870-864-8689 Cell 870-866-9941 -----Original Message----- From: Thor [mailto:thor@xxxxxxxxxxxxxxx] Sent: Wednesday, October 29, 2003 10:15 AM To: ISALists Subject: [isalist] Re: Did Anyone see this? http://www.ISAserver.org MessageNo need for me to pipe in about how you can't route MAC - but regardless, what is the overall goal? Do you still want to use the VoIP functionality w/o IP? If the people you are getting the phone system from are telling you that you can have VoIP-type functionality of the NBX without purchasing the IP modules, they are mistaken. You can't get there from there... You have to ecapsulate the voice traffic within IP- there is no VoMAC. Also, you don't need their VPN solution. A point-to-point ISA VPN config with the NBX on one side and the IP Phones on the other will work just fine, as long as you don't have too much latency in the network. I've been doing VoIP for many years now (and VoFR before that) and my limit is about 200 ms or so. Anything more than that and you start to introduce jitter; or the delay will be so much that humans will become irritated with talking over each other. t ----- Original Message ----- From: Jeff Sloan To: [ISAserver.org Discussion List] Sent: Tuesday, October 28, 2003 6:48 PM Subject: [isalist] Did Anyone see this? http://www.ISAserver.org Just a friendly check, did anyone read this message? I sent it out twice and didn't get a single response. Even a negative one will do. Just checking. Thanks, Jeff Does anyone know of an affordable device that would provide Layer 2 VPN through the internet. I am not looking for a dedicated network solution, but something that will just work across the internet. And how might it affect the ISA server we already use? Would it go outside the ISA or inside it? My guess is inside it. My phone system is a layer two network solution out of the box. (3Com NBX) Although it has voice over IP that could be turned on, it would require a hardware VPN box for each external user to be on our system, and some functions that use multicast would not work. Between two states we have a dedicated t1, and Cisco switches set to layer two bridging, and that works great, but we are about to get rid of the t1 line for cost reasons, and go to DSL and VPN. Since we are going to have to get VPN appliances (3Com DSL secure gateway routers, $268) I thought about doing a search for layer 2 VPNs, and found several hits, but they seem to be dedicated to large service providers and such. Have you guys heard of anything? Thanks Jeff Sloan Network Administrator Cross Oil Refining & Marketing, Inc. 484 E. 6th St. Smackover, AR 71762 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jsloan@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')