As part of the ShoreTel Sky phone system, you can use an IP phone from a remote location, such as a home office or any location with a broadband connection to the Internet. A remote phone enables you to call associates in different offices as if you were calling from your desk in your main office. In addition, you have access to all of the features of the phone, including the ability to access voicemail and directly dial extensions. The remote phone functionality of ShoreTel Sky's service is ideal for salespeople and employees who work from home or from remote locations.
Note: If your location is an off-net Location, then your phones are considered remote.
Table of Contents
In order to operate a remote phone in the ShoreTel Sky phone system, you must have the following:
- An "always-on" broadband connection. (Data rate must be at least 128 kbps, which most cable modems provide.)
- A router and/or a modem to provide your IP phone with a private IP address.
- A power supply for your IP Phone.
- Ethernet cable (Cat 5) to connect your IP Phone to your router or modem.
- An IP Phone supported by ShoreTel (see the Supported Phones and Devices article)
- A Managed Profile
You or your IT Department are responsible for the purchase or maintenance of any cables, modems, routers, hubs, Network Address Translation (NAT) devices, PC network cards, switches, and any other required network equipment. Your Phone Manager is responsible for the purchase of any IP phones, power supplies and phone profiles. The specific equipment required for each installation will depend on your Broadband Internet Service Provider.
Review and confirm the following information before proceeding:
- You have met all of the remote phone requirements.
- Your broadband internet connection is working.
- Your IP phone is powered and plugged into your network
- Your network is wired as shown in the Network Diagrams section of this article OR as described in the Connecting Your Phone to a Power Supply section of the Phone Setup and Log In article.
- If you have a firewall, verify that the appropriate ports have been opened. See the Firewall Settings section of this article.
After you have confirmed the requirements listed above, the last step is confirming that the TFTP/Config Server IP address on your phone is set correctly. Note the following:
- "Config Server" refers to the IP address settings configured on all ShoreTel phones
- "TFTP" refers to the IP address settings configured on all Cisco phones
In the list below, click the link that corresponds to your IP phone model. Review the instructions for accessing the TFTP/Config Server setting on your phone to make sure the setting is correct. See the TFTP/Config Server article for a list of all instances (clusters) and the associated TFTP/Config Server IP addresses utilized in the ShoreTel Sky phone system. Compare the setting on your phone with the "TFTP/Config Server 1" setting listed next to the instance (cluster) associated with your account. Note that Authorized Contacts can view the "Instance" for their account in the Account Details screen. See the Account Facts section of our Account Details article for more information.
- ShoreTel 480, 480g, and 485g
- Cisco 7940 and 7960
- Cisco 7942 and 7962
- Cisco 7941, 7961, 7970 and 7971
- Cisco 7945, 7965, and 7975
- Cisco 7937 IP Conference Phone
The following diagram shows one of two ways to setup your remote network. The other more common way is to connect the line from your internet connection to your phone, and then connect your phone to your computer.
The following image shows the ports on the back of a Cisco phone where the Ethernet cable from your router or modem is connected. If you connect your computer to your phone and your phone to a modem (rather than connecting both your phone and computer to a router), use the port on the right to connect your phone to your computer.
To enable IP phones (or the Phone Assistant application) to communicate with the ShoreTel Sky phone system over a broadband internet connection, if you have a firewall, it must be configured to allow outbound and inbound traffic to and from the ports listed below.
- TCP 12000 SCCP
- TCP 12001 SCCP/HTTP
- TCP/UDP 5060 SIP
- TCP 5061 SIP
- TCP/UDP 15061 SIP
- TCP 5443 and 5448 CAS
- UDP 69 TFTP
- UDP 16384 through 37000 RTP Media Server
- TCP 80
- TCP/UDP 443
- 184.108.40.206 and 220.127.116.11 for ShoreTel DNS Servers (VoIP DHCP Scope)
- TCP Proxy.m5net.com:8XXX (where 8XXX is the Server/API Port Number for your organization's account as explained in the TFTP/Config Server article)
Depending on your firewall type, you may not be able to specify individual ports or port ranges. In this situation, we recommend opening all outbound/inbound traffic for your instance (cluster). See the TFTP/Config Server article to identify the "Primary TFTP/Config Server 1" IP address and "Server/API Port Number" associated with the instance assigned to your organization's account. Note that the instance is the server where all of your organization's phones are connected.
A firewall is an information technology (IT) security device, which is configured to permit, deny or proxy data connections set and configured by the organization's security policy. Firewalls can either be hardware and/or software based. ShoreTel Network Services does configure firewalls per a Network Delivery billable engagement. ShoreTel does not make recommendations on what firewalls to use other than what capabilities are required.
Network Address Translation
A public IP address is generally not assigned directly to a user’s computer. Computers are generally located on a private network behind a router or firewall providing network address translation (i.e., NAT) or a dedicated NAT device. In these cases, the firewall configuration needs to be considered for ShoreTel services and features. The following ports for the ShoreTel Sky platform need to be opened with a policy on the firewall when configuring the NAT for the appropriate traffic to pass through.
- Note: The firewall policy configuration to open the appropriate ports for the ShoreTel services should be limited to the destination IP address of the given ShoreTel server(s). Consult your ShoreTel representative for the needed IP address information.
ShoreTel Sky Port Usage and DNS
For ShoreTel Sky IP Phones and Phone Assistant to work over a broadband Internet connection, firewalls must be configured to allow outbound and inbound traffic from/to the ports listed in the Firewall Settings section of this article to the appropriate ShoreTel URL or IP Address:
For more detailed technical information about stateful firewall/NAT configuration, connectivity troubleshooting, SCCP phones, Cisco Pix firewalls, and router configuration for 3rd party MPLS DHCP scope, download the Data Network Best Practices Guide for ShoreTel Sky and see the "Off-Net Firewall Best Practices" section. Note that the downloaded PDF is more user-friendly than the version you can view online.
Q: Why does my remote phone experience call quality issues such as one-way talk paths.
A: Remote phones transmit through a broadband connection to the internet. Because of this, call quality issues can occur. If you are having one-way talk paths, the firewall component of your router could be blocking voice traffic. You may need to add your phone's IP address to your firewall's DMZ (demilitarized zone). The DMZ is a section of a firewall that allows traffic from a particular IP address to pass through a network while maintaining security. For more information on how to edit the DMZ on your router's firewall, contact your router's distributor or your IT partner. After adding your phone's IP address to the DMZ zone in your router's firewall, you will need to statically assign the IP address on your phone. If you have questions about this, contact ShoreTel Sky Support.
Q: Can I utilize load balancing for ShoreTel voice traffic?
A: No. Load balancing should never be used for voice traffic.
Local Area Network (LAN)
Supported Phones and Devices
Phone Setup and Log In
Phone Log In and Log Out
ShoreTel Sky Portal
ShoreTel Sky Support
Resolve Issues via Support Cases
Created Date 2013-04-12 - Modified Date 2017-03-20