Cisco ASA 5505 User Manual
Page 1030
48-48
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 48 Configuring the Cisco Phone Proxy
Configuration Examples for the Phone Proxy
Figure 48-5
Mixed-mode Cisco UCM cluster, Primary Cisco UCM, Secondary Cisco UCM, and TFTP
Server on Different Servers
object network obj-192.0.2.105
host 192.0.2.105
nat (inside,outside) static 10.10.0.27
object network obj-192.0.2.101
host 192.0.2.101
nat (inside,outside) static interface udp 69 69
object network obj-192.0.2.106
host 192.0.2.106
nat (inside,outside) static 10.10.0.26
access-list pp extended permit udp any host 10.10.0.24 eq 69
access-group pp in interface outside
crypto key generate rsa label cluster_kp modulus 1024
crypto ca trustpoint pri_cucm
enrollment self
keypair cluster_kp
crypto ca enroll pri_cucm
crypto ca trustpoint sec_cucm
enrollment self
serial-number
keypair cluster_kp
crypto ca enroll sec_cucm
crypto ca trustpoint tftp_server
enrollment self
fqdn my_tftp.example.com
keypair cluster_kp
crypto ca enroll tftp_server
ctl-file myctl
record-entry tftp trustpoint tftp_server address 10.10.0.24
record-entry cucm trustpoint pri_cucm_server address 10.10.0.27
record-entry cucm trustpoint sec_cucm_server address 10.10.0.2
no shutdown
crypto key generate rsa label ldc_signer_key modulus 1024
crypto key generate rsa label phone_common modulus 1024
2716
3
5
IP
Internet
Corporate
Network
Phone B
192.0.2.103
IP
Phone A
192.0.2.102
IP
Comcast
Address
98.208.49.30
ASA Inside Interface
192.0.2.24
ASA Outside Interface
10.10.0.24
M
TFTP / Publisher
192.0.2.101
M
Primary Cisco UCM
192.0.2.105
M
Secondary Cisco UCM
192.0.2.106
Comcast
Address
69.181.112.219
IP
Home Router
w/NAT
Home Router
w/NAT