EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #926 background imageLoading...
Page #926 background image
41-4
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 41 Information About Cisco Unified Communications Proxy Features
Licensing for Cisco Unified Communications Proxy Features
• The TLS proxy decrypts the packets, sends packets to the inspection engine for NAT rewrite and
protocol conformance, optionally encrypts packets, and sends them to Cisco UCM or sends them in
clear text if the IP phone is configured to be in nonsecure mode on the Cisco UCM.
• The adaptive security appliance acts as a media terminator as needed and translates between SRTP
and RTP media streams.
• The TLS proxy is a transparent proxy that works based on establishing trusted relationship between
the TLS client, the proxy (the adaptive security appliance), and the TLS server.
For the Cisco Unified Mobility solution, the TLS client is a Cisco UMA client and the TLS server is a
Cisco UMA server. The adaptive security appliance is between a Cisco UMA client and a Cisco UMA
server. The mobility proxy (implemented as a TLS proxy) for Cisco Unified Mobility allows the use of
an imported PKCS-12 certificate for server proxy during the handshake with the client. Cisco UMA
clients are not required to present a certificate (no client authentication) during the handshake.
For the Cisco Unified Presence solution, the adaptive security appliance acts as a TLS proxy between
the Cisco UP server and the foreign server. This allows the adaptive security appliance to proxy TLS
messages on behalf of the server that initiates the TLS connection, and route the proxied TLS messages
to the client. The adaptive security appliance stores certificate trustpoints for the server and the client,
and presents these certificates on establishment of the TLS session.
Licensing for Cisco Unified Communications Proxy Features
The Cisco Unified Communications proxy features supported by the adaptive security appliance require
a Unified Communications Proxy license:
• Phone proxy
• TLS proxy for encrypted voice inspection
• Presence federation proxy
• Intercompany media engine proxy
Note In Version 8.2(2) and later, the Mobility Advantage proxy no longer requires a Unified Communications
Proxy license.
The following table shows the Unified Communications Proxy license details by platform for the phone
proxy, TLS proxy for encrypted voice inspection, and presence federation proxy:
Model License Requirement
ASA 5505 Base License and Security Plus License: 2 sessions
1
.
Optional license: 24 sessions.
ASA 5510 Base License and Security Plus License: 2 sessions
1
.
Optional licenses: 24, 50, or 100 sessions.
ASA 5520 Base License: 2 sessions
1
.
Optional licenses: 24, 50, 100, 250, 500, 750, or 1000 sessions.
ASA 5540 Base License: 2 sessions
1
.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, or 2000 sessions.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals