Home > Cisco > Computer Equipment > Cisco Asdm 7 User Guide

Cisco Asdm 7 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Asdm 7 User Guide. The Cisco manuals for Computer Equipment are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 461

    Page 461 18-9 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider Adding a TLS Proxy Instance NoteThis feature is not supported for the Adaptive Security Appliance version 8.1.2. Use the Add TLS Proxy Instance Wizard to add a TLS Proxy to enable inspection of SSL encrypted VoIP signaling, namely Skinny and SIP, interacting with Cisco Call Manager and to support the Cisco Unified Communications features on the ASA. This... 
     
18-9
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
Adding a TLS Proxy Instance
NoteThis feature is not supported for the Adaptive Security Appliance version 8.1.2.
Use the Add TLS Proxy Instance Wizard to add a TLS Proxy to enable inspection of SSL encrypted VoIP 
signaling, namely Skinny and SIP, interacting with Cisco Call Manager and to support the Cisco Unified 
Communications features on the ASA.
This...

    Page 462

    Page 462 18-10 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider When the Phone Proxy is operating in a mixed-mode CUCM cluster, you must import the CUCM certificate by clicking Add in the Manage Identify Certificates dialog box. See the “Configuring Identity Certificates Authentication” section on page 40-55 in the general operations configuration guide. To select an existing certificate, select one from the... 
     
18-10
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
When the Phone Proxy is operating in a mixed-mode CUCM cluster, you must import the CUCM 
certificate by clicking Add in the Manage Identify Certificates dialog box. See the “Configuring 
Identity Certificates Authentication” section on page 40-55 in the general operations configuration 
guide. 
To select an existing certificate, select one from the...

    Page 463

    Page 463 18-11 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider This wizard is available from the Configuration > Firewall > Unified Communications > TLS Proxy pane. Step 1Complete the first two steps of the Add TLS Proxy Instance Wizard. See Adding a TLS Proxy Instance, page 18-9 and Add TLS Proxy Instance Wizard – Client Configuration, page 18-10. The Add TLS Proxy Instance Wizard – Client Configuration dialog box... 
     
18-11
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
This wizard is available from the Configuration > Firewall > Unified Communications > TLS Proxy 
pane. 
Step 1Complete the first two steps of the Add TLS Proxy Instance Wizard. See Adding a TLS Proxy Instance, 
page 18-9 and Add TLS Proxy Instance Wizard – Client Configuration, page 18-10. 
The Add TLS Proxy Instance Wizard – Client Configuration dialog box...

    Page 464

    Page 464 18-12 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider To create a new key pair, click New. The Add Key Pair dialog box opens. See the “Configuring Identity Certificates Authentication” section on page 40-55 in the general operations configuration guide for details about the Key Pair fields. Step 4In the Security Algorithms area, specify the available and active algorithms to be announced or matched during... 
     
18-12
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
To create a new key pair, click New. The Add Key Pair dialog box opens. See the “Configuring 
Identity Certificates Authentication” section on page 40-55 in the general operations configuration 
guide for details about the Key Pair fields.
Step 4In the Security Algorithms area, specify the available and active algorithms to be announced or matched 
during...

    Page 465

    Page 465 18-13 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider For information on the Cisco CTL Client, see “Configuring the Cisco CTL Client” in Cisco Unified CallManager Security Guide. http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/5_0_4/secuauth.html To install the CTL file on the ASA, go to Configuration > Firewall > Unified Communications > CTL Provider > Add. The Add CTL Provider dialog box opens.... 
     
18-13
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
For information on the Cisco CTL Client, see “Configuring the Cisco CTL Client” in Cisco 
Unified CallManager Security Guide.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/5_0_4/secuauth.html
To install the CTL file on the ASA, go to Configuration > Firewall > Unified Communications 
> CTL Provider > Add. The Add CTL Provider dialog box opens....

    Page 466

    Page 466 18-14 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider The Manage CA Certificates dialog box opens. See the “Guidelines and Limitations” section on page 40-10 in the general operations configuration guide. Click Add to open the Install Certificate dialog box. See the “Configuring CA Certificate Authentication” section on page 40-13 in the general operations configuration guide. When you are configuring the... 
     
18-14
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
The Manage CA Certificates dialog box opens. See the “Guidelines and Limitations” section on 
page 40-10 in the general operations configuration guide. Click Add to open the Install Certificate 
dialog box. See the “Configuring CA Certificate Authentication” section on page 40-13 in the general 
operations configuration guide. 
When you are configuring the...

    Page 467

    Page 467 18-15 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection CTL Provider NoteWhen you are configuring the TLS Proxy for the Phone Proxy and it is using the mixed security mode for the CUCM cluster, you must configure the LDC Issuer. The LDC Issuer lists the local certificate authority to issue client or server dynamic certificates. Step 5To specify an LDC Issuer to use for the TLS Proxy, perform the following. When you select... 
     
18-15
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  CTL Provider
NoteWhen you are configuring the TLS Proxy for the Phone Proxy and it is using the mixed security mode 
for the CUCM cluster, you must configure the LDC Issuer. The LDC Issuer lists the local certificate 
authority to issue client or server dynamic certificates.
Step 5To specify an LDC Issuer to use for the TLS Proxy, perform the following. When you select...

    Page 468

    Page 468 18-16 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection TLS Proxy TLS Proxy This feature is supported only for ASA versions 8.0.x prior to 8.0.4 and for version 8.1. NoteThis feature is not supported for the Adaptive Security Appliance versions prior to 8.0.4 and for version 8.1.2. Use the TLS Proxy option to enable inspection of SSL encrypted VoIP signaling, namely Skinny and SIP, interacting with Cisco CallManager. The... 
     
18-16
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  TLS Proxy
TLS Proxy
This feature is supported only for ASA versions 8.0.x prior to 8.0.4 and for version 8.1.
NoteThis feature is not supported for the Adaptive Security Appliance versions prior to 8.0.4 and for version 
8.1.2.
Use the TLS Proxy option to enable inspection of SSL encrypted VoIP signaling, namely Skinny and 
SIP, interacting with Cisco CallManager.
The...

    Page 469

    Page 469 18-17 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection Feature History for the TLS Proxy for Encrypted Voice Inspection Certificate Authority Server—Specifies the certificate authority server. Certificate—Specifies a certificate. Manage—Configures the local certificate authority. To make configuration changes after it has been configured for the first time, disable the local certificate authority. –Local Dynamic Certificate... 
     
18-17
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  Feature History for the TLS Proxy for Encrypted Voice Inspection
Certificate Authority Server—Specifies the certificate authority server.
Certificate—Specifies a certificate.
Manage—Configures the local certificate authority. To make configuration changes after it has 
been configured for the first time, disable the local certificate authority.
–Local Dynamic Certificate...

    Page 470

    Page 470 18-18 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection Feature History for the TLS Proxy for Encrypted Voice Inspection 
     
18-18
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 18      Configuring the TLS Proxy for Encrypted Voice Inspection
  Feature History for the TLS Proxy for Encrypted Voice Inspection
    Start reading Cisco Asdm 7 User Guide
    All Cisco manuals