Cisco ASA 5505 Configuration Manual page 1036
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Configuring Cisco Intercompany Media Engine Proxy
Commands
Step 6
hostname(config)# crypto ca authenticate trustpoint
Example:
hostname(config)# crypto ca authenticate
local-ent-ucm
Step 7
hostname(config)# tls-proxy proxy_name
hostname(config-tlsp)# server trust-point
proxy_trustpoint
hostname(config-tlsp)# client trust-point
proxy_trustpoint
hostname(config-tlsp)# client cipher-suite
aes128-sha1 aes256-sha1 3des-sha1 null-sha1
Example:
hostname(config)# tls-proxy local_to_remote-ent
hostname(config-tlsp)# server trust-point
local-ent-ucm
hostname(config-tlsp)# client trust-point local-ent
hostname(config-tlsp)# client cipher-suite
aes128-sha1 aes256-sha1 3des-sha1 null-sha1
Step 8
hostname(config-tlsp)# exit
Step 9
hostname(config)# tls-proxy proxy_name
hostname(config-tlsp)# server trust-point
proxy_trustpoint
hostname(config-tlsp)# client trust-point
proxy_trustpoint
hostname(config-tlsp)# client cipher-suite
aes128-sha1 aes256-sha1 3des-sha1 null-sha1
Example:
hostname(config)# tls-proxy remote_to_local-ent
hostname(config-tlsp)# server trust-point local-ent
hostname(config-tlsp)# client trust-point
local-ent-ucm
hostname(config-tlsp)# client cipher-suite
aes128-sha1 aes256-sha1 3des-sha1 null-sha1
Step 10
hostname(config-tlsp)# exit
Step 11
hostname(config)# uc-ime uc_ime_name
hostname(config-uc-ime)# ucm address ip_address
trunk-security-mode secure
Example:
hostname(config)# uc-ime local-ent-ime
hostname(config-uc-ime)# ucm address 192.168.10.30
trunk-security-mode secure
What to Do Next
Once you have configured the TLS within the enterprise, if necessary, configure off path signaling for
an off path deployment. See
Cisco ASA 5500 Series Configuration Guide using ASDM
47-30
Chapter 47
Purpose
Imports the certificate from local Cisco UCM.
Where trustpoint is the trustpoint for the local Cisco
UCM.
Paste the certificate downloaded from the local
Cisco UCM. This certificate enables the adaptive
security appliance to validate the certificate that
Cisco UCM sends in the TLS handshake.
Updates the TLS proxy for outbound connections.
Where proxy_name is the name you entered in
Step 1
Where proxy_trustpoint for the server trust-point
command is the name you entered in
procedure.
Where proxy_trustpoint for the client trust-point
command is the name you entered in
task
Creating Trustpoints and Generating
Certificates.
Note
Exits from TLS Proxy Configuration mode.
Updates the TLS proxy for inbound connections.
Where proxy_name is the name you entered in
Step 5
Where proxy_trustpoint for the server trust-point
command is the name you entered in
task
Creating Trustpoints and Generating
Certificates.
Where proxy_trustpoint for the client trust-point
command is the name you entered in
procedure.
Exits from TLS Proxy Configuration mode.
Updates the Cisco Intercompany Media Engine
Proxy for trunk-security-mode.
Where
Step 1
Media Engine
Only perform this step if you entered nonsecure in
Step 3
Media Engine
(Optional) Configuring Off Path Signaling, page
Configuring Cisco Intercompany Media Engine Proxy
of the task
Creating the TLS
In this step, you are creating different
trustpoints for the client and the server.
of the task
Creating the TLS
is the name you entered in
uc_ime_name
of the task
Creating the Cisco Intercompany
Proxy.
of the task
Creating the Cisco Intercompany
Proxy.
47-31.
Proxy.
Step 4
of this
Step 2
of the
Proxy.
Step 2
of the
Step 4
of this
OL-20339-01
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
