43-18
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 43 Configuring the Cisco Phone Proxy
Configuring the Phone Proxy
Note To configure the media termination address, click the Configure MTA button. The Media
Termination Address dialog box appears. Once you click the Add MTA instance to Phone Proxy
check box, the media termination address instance cannot be modified and the button changes to
View MTA Configuration. To change the media termination address, uncheck the Add MTA
instance to Phone Proxy check box.
Step 4 If necessary, add a TFTP server for the Phone Proxy. To add a new TFTP server for the Phone Proxy,
click Add. The Add TFTP Server dialog box opens. See Adding or Editing the TFTP Server for a Phone
Proxy, page 43-19.
Note The TFTP server must reside on the same interface as the Cisco Unified Call Manager. Additionally, If
NAT is configured for the TFTP server, the NAT configuration must be configured prior to configuring
the specifying the TFTP server while creating the Phone Proxy instance.
Step 5 Specify the CTL File to use for the Phone Proxy by doing one of the following:
• To use an existing CTL File, check the Use the Certificate Trust List File generated by the CTL
instance check box.
• To create a new CTL file for the Phone Proxy, click the link Generate Certificate Trust List File. The
Create a Certificate Trust List (CTL) File pane opens. See “Creating the CTL File” section on
page 43-14.
Step 6 To specify the security mode of the CUCM cluster, click one of the following options in the CUCM
Cluster Mode field:
• Non-secure—Specifies the cluster mode to be in nonsecure mode when configuring the Phone Proxy
feature.
• Mixed—Specifies the cluster mode to be in mixed mode when configuring the Phone Proxy feature.
Step 7 To configure the idle timeout after which the secure-phone entry is removed from the Phone Proxy
database (the default is 5 minutes), enter a value in the format hh:mm:ss.
Since secure phones always request a CTL file upon bootup, the Phone Proxy creates a database that
marks the phone as secure. The entries in the secure phone database are removed after a specified
configured timeout. The entry timestamp is updated for each registration refresh the Phone Proxy
receives for SIP phones and KeepAlives for SCCP phones.
Specify a value that is greater than the maximum timeout value for SCCP KeepAlives and SIP Register
refresh. For example, if the SCCP KeepAlives are configured for 1 minute intervals and the SIP Register
Refresh is configured for 3 minutes, configure this timeout value greater than 3 minutes.
Step 8 To preserve Call Manager configuration on the IP phones, check the Preserve the Call Manager’s
configuration on the phone... check box. When this check box is uncheck, the following service settings
are disabled on the IP phones:
• PC Port
• Gratuitous ARP
• Voice VLAN access
• Web Access
• Span to PC Port
To Next Page
Loading...
Need help?
General
