Figure 48-2 – Cisco ASA 5505 User Manual

Page 1026

Advertising
background image

48-44

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 48 Configuring the Cisco Phone Proxy

Configuration Examples for the Phone Proxy

Figure 48-2

Nonsecure Cisco UCM cluster, Cisco UCM and TFTP Server on Publisher

object network obj-192.0.2.101

host 192.0.2.101

nat (inside,outside) static 10.10.0.26

access-list pp extended permit udp any host 10.10.0.26 eq 69

access-group pp in interface outside

crypto key generate rsa label cucmtftp_kp modulus 1024

crypto ca trustpoint cucm_tftp_server

enrollment self

keypair cucmtftp_kp

crypto ca enroll cucm_tftp_server

ctl-file myctl

record-entry cucm-tftp trustpoint cucm_tftp_server address 10.10.0.26

no shutdown

tls-proxy mytls

server trust-point _internal_PP_myctl

media-termination my_mediaterm

address 192.0.2.25 interface inside

address 10.10.0.25 interface outside

phone-proxy mypp

media-termination my_mediaterm

tftp-server address 192.0.2.101 interface inside

tls-proxy mytls

ctl-file myctl

class-map sec_sccp

match port tcp 2443

class-map sec_sip

match port tcp eq 5061

policy-map pp_policy

class sec_sccp

inspect skinny phone-proxy mypp

class sec_sip

inspect sip phone-proxy mypp

service-policy pp_policy interface outside

271632

IP

IP

IP

IP

Internet

Phone A

192.0.2.16

Comcast Address

98.208.49.30

Comcast Address

69.181.112.219

Cisco UCM cluster is in

nonsecure mode

ASA Outside Interface

10.10.0.24

ASA Inside Interface

192.0.2.1

M

Cisco UCM+TFTP

192.0.2.101

Corporate Network

Home Router

w/NAT

Home Router

w/NAT

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals