44-5
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 44 Configuring the TLS Proxy for Encrypted Voice Inspection
Configuring the TLS Proxy for Encrypted Voice Inspection
–
CAP-RTP-002
–
CAPF certificate (Optional)
If LSC provisioning is required or you have LSC enabled IP phones, you must import the CAPF
certificate from the Cisco UCM. If the Cisco UCM has more than one CAPF certificate, you
must import all of them to the adaptive security appliance.
See Chapter 43, “Configuring the Cisco Phone Proxy.”For example, the CA Manufacturer certificate
is required by the phone proxy to validate the IP phone certificate.
Configuring the TLS Proxy for Encrypted Voice Inspection
This section includes the following topics:
• Configure TLS Proxy Pane, page 44-7
• Adding a TLS Proxy Instance, page 44-8
• Add TLS Proxy Instance Wizard – Server Configuration, page 44-9
• Add TLS Proxy Instance Wizard – Client Configuration, page 44-10
• Add TLS Proxy Instance Wizard – Other Steps, page 44-12
• Edit TLS Proxy Instance – Server Configuration, page 44-12
• Edit TLS Proxy Instance – Client Configuration, page 44-13
CTL Provider
Use the CTL Provider option to configure Certificate Trust List provider service.
The CTL Provider pane lets you define and configure Certificate Trust List provider service to enable
inspection of encrypted traffic.
Fields
• CTL Provider Name—Lists the CTL Provider name.
• Client Details—Lists the name and IP address of the client.
–
Interface Name—Lists the defined interface name.
–
IP Address—Lists the defined interface IP address.
• Certificate Name—Lists the certificate to be exported.
• Add—Adds a CTL Provider.
• Edit—Edits a CTL Provider.
• Delete—Deletes a CTL Provider.
Modes
The following table shows the modes in which this feature is available:
To Next Page
Loading...
Need help?
General
