Sample asa configuration summary – Cisco OL-24124-01 User Manual

17-11

Cisco Unified Communications Manager Security Guide

OL-24124-01

Chapter 17 Configuring Virtual Private Networks

Sample ASA configuration summary

Copy the text from the terminal and save it as a .pem file and upload it to the Managing
Certificate part of the CUCM.

Step 3

Configure the VPN feature. You can use the Sample IOS configuration summary bellow to guide you
with the configuration.

Note

To use the phone with both certificate and password authentication, create a user with the phone MAC
address. Username matching is case sensitive. For example:

username CP-7975G-SEP001AE2BC16CB password k1kLGQIoxyCO4ti9 encrypted

username CP-7975G-SEP001AE2BC16CB attributes vpn-group-policy GroupPhoneWebvpn

service-type remote-access

Sample ASA configuration summary

You can use the following sample ASA configuration for VPN client on IP phone as a general
guideline to creating your own configurations. The configuration entries can change over time.

ciscoasa(config)# show running-config

: Saved

:

!--- ASA version

ASA Version 8.2(1)

!

!--- Basic local config on ASA

hostname ciscoasa

domain-name nw048b.cisco.com

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

dns-guard

!--- Configure interface. Generally one interface to internal network and one outside

!--- Ethernet0/0 is outside interface with security level 0

!

interface Ethernet0/0

nameif outside

security-level 0

ip address 10.89.79.135 255.255.255.0

!--- Ethernet0/1 is inside interface with security level 100

!

interface Ethernet0/1

nameif inside

security-level 100

ip address dhcp

!

interface Ethernet0/2

shutdown

no nameif

no security-level

no ip address

!

interface Ethernet0/3

shutdown