Home > Cisco > Computer Equipment > Cisco Asdm 7 User Guide

Cisco Asdm 7 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Asdm 7 User Guide. The Cisco manuals for Computer Equipment are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 511

    Page 511 21-23 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy What to Do Next Create the TLS proxy for the Cisco Intercompany Media Engine. See the “Creating the TLS Proxy” section on page 21-24. Step 4hostname(config-ca-trustpoint)# keypair keyname Example: hostname(config-ca-trustpoint)# keypair local-ent-keySpecifies the key pair whose public key is to be certified. Step... 
     
21-23
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
What to Do Next
Create the TLS proxy for the Cisco Intercompany Media Engine. See the “Creating the TLS Proxy” 
section on page 21-24. 
Step 4hostname(config-ca-trustpoint)# keypair keyname
Example:
hostname(config-ca-trustpoint)# keypair local-ent-keySpecifies the key pair whose public key is to be 
certified.
Step...

    Page 512

    Page 512 21-24 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy Creating the TLS Proxy Because either enterprise, namely the local or remote Cisco UCM servers, can initiate the TLS handshake (unlike IP Telephony or Cisco Mobility Advantage, where only the clients initiate the TLS handshake), you must configure by-directional TLS proxy rules. Each enterprise can have an ASA as the TLS... 
     
21-24
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
Creating the TLS Proxy 
Because either enterprise, namely the local or remote Cisco UCM servers, can initiate the TLS 
handshake (unlike IP Telephony or Cisco Mobility Advantage, where only the clients initiate the TLS 
handshake), you must configure by-directional TLS proxy rules. Each enterprise can have an ASA as the 
TLS...

    Page 513

    Page 513 21-25 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy What to Do Next Once you have created the TLS proxy, enable it for SIP inspection. Enabling SIP Inspection for the Cisco Intercompany Media Engine Proxy Enable the TLS proxy for SIP inspection and define policies for both entities that could initiate the connection. The example command lines in this task are based on a basic... 
     
21-25
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
What to Do Next
Once you have created the TLS proxy, enable it for SIP inspection. 
Enabling SIP Inspection for the Cisco Intercompany Media Engine Proxy
Enable the TLS proxy for SIP inspection and define policies for both entities that could initiate the 
connection. 
The example command lines in this task are based on a basic...

    Page 514

    Page 514 21-26 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy Command Purpose Step 1hostname(config)# class-map class_map_name Examples: hostname(config)# class-map ime-inbound-sipDefines a class for the inbound Cisco Intercompany Media Engine SIP traffic. Step 2hostname(config-cmap)# match access-list access_list_name Examples: hostname(config-cmap)# match access-list... 
     
21-26
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
Command Purpose
Step 1hostname(config)# class-map class_map_name
Examples:
hostname(config)# class-map ime-inbound-sipDefines a class for the inbound Cisco Intercompany 
Media Engine SIP traffic. 
Step 2hostname(config-cmap)# match access-list 
access_list_name
Examples:
hostname(config-cmap)# match access-list...

    Page 515

    Page 515 21-27 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy What to Do Next Once you have enabled the TLS proxy for SIP inspection, if necessary, configure TLS within the enterprise. See (Optional) Configuring TLS within the Local Enterprise, page 21-27. (Optional) Configuring TLS within the Local Enterprise This task is not required if TCP is allowable within the inside network. TLS... 
     
21-27
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
What to Do Next
Once you have enabled the TLS proxy for SIP inspection, if necessary, configure TLS within the 
enterprise. See (Optional) Configuring TLS within the Local Enterprise, page 21-27. 
(Optional) Configuring TLS within the Local Enterprise 
This task is not required if TCP is allowable within the inside network. 
TLS...

    Page 516

    Page 516 21-28 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy Commands Purpose Step 1hostname(config)# crypto key generate rsa label key-pair-label hostname(config)# crypto ca trustpoint trustpoint_name hostname(config-ca-trustpoint)# enroll self hostname(config-ca-trustpoint)# keypair keyname hostname(config-ca-trustpoint)# subject-name x.500_name Example: hostname(config)# crypto... 
     
21-28
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
Commands Purpose
Step 1hostname(config)# crypto key generate rsa label 
key-pair-label 
hostname(config)# crypto ca trustpoint 
trustpoint_name
hostname(config-ca-trustpoint)# enroll self
hostname(config-ca-trustpoint)# keypair keyname
hostname(config-ca-trustpoint)# subject-name 
x.500_name
Example: 
hostname(config)# crypto...

    Page 517

    Page 517 21-29 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy What to Do Next Once you have configured the TLS within the enterprise, if necessary, configure off path signaling for an off path deployment. See (Optional) Configuring Off Path Signaling, page 21-30. Step 6hostname(config)# crypto ca authenticate trustpoint Example: hostname(config)# crypto ca authenticate... 
     
21-29
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
What to Do Next
Once you have configured the TLS within the enterprise, if necessary, configure off path signaling for 
an off path deployment. See (Optional) Configuring Off Path Signaling, page 21-30. 
Step 6hostname(config)# crypto ca authenticate trustpoint
Example: 
hostname(config)# crypto ca authenticate...

    Page 518

    Page 518 21-30 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy (Optional) Configuring Off Path Signaling Perform this task only when you are configuring the Cisco Intercompany Media Engine Proxy as part of an off path deployment. You might choose to have an off path deployment when you want to use the Cisco Intercompany Media Engine but do not want to replace your existing Internet... 
     
21-30
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
(Optional) Configuring Off Path Signaling
Perform this task only when you are configuring the Cisco Intercompany Media Engine Proxy as part of 
an off path deployment. You might choose to have an off path deployment when you want to use the 
Cisco Intercompany Media Engine but do not want to replace your existing Internet...

    Page 519

    Page 519 21-31 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy This section contains the following sections: Configuring the Cisco UC-IMC Proxy by using the UC-IME Proxy Pane, page 21-31 Configuring the Cisco UC-IMC Proxy by using the Unified Communications Wizard, page 21-33 Configuring the Cisco UC-IMC Proxy by using the UC-IME Proxy Pane Use the Configure Cisco Intercompany Media Engine... 
     
21-31
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
This section contains the following sections:
Configuring the Cisco UC-IMC Proxy by using the UC-IME Proxy Pane, page 21-31
Configuring the Cisco UC-IMC Proxy by using the Unified Communications Wizard, page 21-33
Configuring the Cisco UC-IMC Proxy by using the UC-IME Proxy Pane
Use the Configure Cisco Intercompany Media Engine...

    Page 520

    Page 520 21-32 Cisco ASA Series Firewall ASDM Configuration Guide Chapter 21 Configuring Cisco Intercompany Media Engine Proxy Configuring Cisco Intercompany Media Engine Proxy Step 2Check the Enable Cisco UC-IME proxy check box to enable the feature. Step 3In the Unified CM Servers area, enter an IP address or hostname for the Cisco Unified Communications Manager (Cisco UCM) or click the ellipsis to open a dialog and browse for an IP address or hostname. Step 4In the Trunk Security Mode field,... 
     
21-32
Cisco ASA Series Firewall ASDM Configuration Guide
 
Chapter 21      Configuring Cisco Intercompany Media Engine Proxy
  Configuring Cisco Intercompany Media Engine Proxy
Step 2Check the Enable Cisco UC-IME proxy check box to enable the feature. 
Step 3In the Unified CM Servers area, enter an IP address or hostname for the Cisco Unified Communications 
Manager (Cisco UCM) or click the ellipsis to open a dialog and browse for an IP address or hostname. 
Step 4In the Trunk Security Mode field,...
    Start reading Cisco Asdm 7 User Guide
    All Cisco manuals