EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1034 background imageLoading...
Page #1034 background image
47-28
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 47 Configuring Cisco Intercompany Media Engine Proxy
Configuring Cisco Intercompany Media Engine Proxy
What to Do Next
Once you have enabled the TLS proxy for SIP inspection, if necessary, configure TLS within the
enterprise. See (Optional) Configuring TLS within the Local Enterprise, page 47-28.
(Optional) Configuring TLS within the Local Enterprise
This task is not required if TCP is allowable within the inside network.
TLS within the enterprise refers to the security status of the Cisco Intercompany Media Engine trunk as
seen by the adaptive security appliance.
Note If the transport security for the Cisco Intercompany Media Engine trunk changes on Cisco UCM, it must
be changed on the adaptive security appliance as well. A mismatch will result in call failure. The
adaptive security appliance does not support SRTP with non-secure IME trunks. The adaptive security
appliance assumes SRTP is allowed with secure trunks. So ‘SRTP Allowed’ must be checked for IME
trunks if TLS is used. The adaptive security appliance supports SRTP fallback to RTP for secure IME
trunk calls.
Prerequisites
On the local Cisco UCM, download the Cisco UCM certificate. See the Cisco Unified Communications
Manager documentation for information. You will need this certificate when performing Step 6 of this
procedure.
Procedure
To configure TLS within the local enterprise, perform the following steps on the local adaptive security
appliance:
Step 14
hostname(config-pmap)# exit
Exits from the policy map configuration mode.
Step 15
hostname(config)# service-policy policymap_name
global
Examples:
hostname(config)# service-policy ime-policy global
Enables the service policy for SIP inspection for all
interfaces.
Where
policymap_name is the name of the policy
map you created in Step 7 of this task.
See Creating the Cisco Intercompany Media Engine
Proxy, page 47-18 for information about the
UC-IME proxy settings. See Cisco ASA 5500 Series
Configuration Guide using the CLI for information
about the no service-policy
command.
Command Purpose

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals