EasyManua.ls Logo

Cisco ASA 5515-X

Cisco ASA 5515-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
1-7
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Cisco Mobility Advantage
Configuring Cisco Mobility Advantage
Enabling the TLS Proxy for MMP Inspection, page 1-9
Task Flow for Configuring Cisco Mobility Advantage
To configure for the ASA to perform TLS proxy and MMP inspection as shown in Figure 1-1 and
Figure 1-2, perform the following tasks.
It is assumed that self-signed certificates are used between the ASA and the Cisco UMA server.
Prerequisites
Export the Cisco UMA server certificate and keypair in PKCS-12 format so that you can import it onto
the ASA. The certificate will be used during the handshake with the Cisco UMA clients.
Step 1 Create the static NAT for the Cisco UMA server by entering the following commands:
hostname(config)# object network name
hostname(config-network-object)# host real_ip
hostname(config-network-object)# nat (real_ifc,mapped_ifc) static mapped_ip
Step 2 Import the Cisco UMA server certificate onto the ASA by entering the following commands:
hostname(config)# crypto ca import trustpoint pkcs12 passphrase
[paste base 64 encoded pkcs12]
hostname(config)# quit
Step 3 Install the Cisco UMA server certificate on the ASA. See Installing the Cisco UMA Server Certificate,
page 1-7.
Step 4 Create the TLS proxy instance for the Cisco UMA clients connecting to the Cisco UMA server. See
Creating the TLS Proxy Instance, page 1-8.
Step 5 Enable the TLS proxy for MMP inspection. See Enabling the TLS Proxy for MMP Inspection, page 1-9.
Installing the Cisco UMA Server Certificate
Install the Cisco UMA server self-signed certificate in the ASA truststore. This task is necessary for the
ASA to authenticate the Cisco UMA server during the handshake between the ASA proxy and Cisco
UMA server.
Prerequisites
Export the Cisco UMA server certificate and keypair in PKCS-12 format so that you can import it onto
the ASA.

Table of Contents

Other manuals for Cisco ASA 5515-X

Related product manuals