43-5
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 43 Configuring the Cisco Phone Proxy
Prerequisites for the Phone Proxy
For more information about licensing, see Chapter 4, “Managing Feature Licenses.”
Prerequisites for the Phone Proxy
This section contains the following topics:
• Media Termination Instance Prerequisites, page 43-5
• Certificates from the Cisco UCM, page 43-6
• DNS Lookup Prerequisites, page 43-7
• Cisco Unified Communications Manager Prerequisites, page 43-7
• Access List Rules, page 43-7
• NAT and PAT Prerequisites, page 43-8
• Prerequisites for IP Phones on Multiple Interfaces, page 43-8
• 7960 and 7940 IP Phones Support, page 43-9
• Cisco IP Communicator Prerequisites, page 43-9
• Prerequisites for Rate Limiting TFTP Requests, page 43-10
• End-User Phone Provisioning, page 43-10
Media Termination Instance Prerequisites
The adaptive security appliance must have a media termination instance that meets the following criteria:
ASA 5550 Base License: 2 sessions
1
.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, or 3000 sessions.
ASA 5580 Base License: 2 sessions
1
.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, 3000, 5000, or 10,000 sessions.
2
1. Phone Proxy, Presence Federation Proxy, and Encrypted Voice Inspection applications use TLS proxy sessions for their connections. Each TLS proxy
session is counted against the UC license limit. All of these applications are licensed under the UC Proxy umbrella, and can be mixed and matched. Some
applications might use multiple sessions for a connection. For example, if you configure a phone with a primary and backup Cisco Unified
Communications Manager, there are 2 TLS proxy connections, so 2 UC Proxy sessions are used.
Note: Mobility Advantage Proxy does not require a license, and its TLS proxy sessions do not count towards the UC license limit.
The maximum number of UC sessions you can use also depends on the TLS proxy session limit:
- For license part numbers ending in “K8” (for example, licenses under 250 users), TLS proxy sessions are limited to 1000.
- For license part numbers ending in “K9” (for example, licenses 250 users or larger), the TLS proxy limit depends on your configuration and the platform
model. To configure the TLS proxy limit, use the Configuration > Firewall > Unified Communications > TLS Proxy pane.
Note: K8 and K9 refer to whether the license is restricted for export: K8 is unrestricted, and K9 is restricted.
You might also use SRTP encryption sessions for your connections:
- For K8 licenses, SRTP sessions are limited to 250.
- For K9 licenses, there is not limit.
Note: Only calls that require encryption/decryption for media are counted towards the SRTP limit; if passthrough is set for the call, even if both legs are
SRTP, they do not count towards the limit.
2. With the 10,000-session license, the total combined sessions can be 10,000, but the maximum number of Phone Proxy sessions is 5000.
Model License Requirement
To Next Page
Loading...
Need help?
General
