In an Avaya IP Office phone system / PBX which has a LAN and a WAN port, can this system be configured in such a way that the WAN interface is directly on the edge network (outside of the firewall) to allow for remote phones to connect to the system?
Any time that I've seen these systems configured, the phone was connecting through a Cisco ASA firewall using a VPN connection built into the Avaya handset. The Avaya IP Office was behind the firewall on a voice segment and routing OUT through the data segment or through a separate interface on the firewall to the Voice segment. The handset was then configured with its own set of PHASE 1 / PHASE 2 settings for VPN config.
Is this necessary? It's usually a complicated deployment if we do not ship the phone PRE-CONFIGURED...walking someone through a WAN IP would be easier.