Cisco ASA 5505 User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 50 Configuring Cisco Mobility Advantage

Configuration Examples for Cisco Mobility Advantage

Figure 50-7 Cisco UMC/Cisco UMA Architecture – Scenario 2: Security Appliance as TLS Proxy Only

object network obj-172.16.27.41-01
 host 172.16.27.41
 nat (inside,outside) static 192.0.2.140
object network obj-0.0.0.0-01
 subnet 0.0.0.0 0.0.0.0
 nat (outside,inside) dynamic 192.0.2.183
crypto ca import cuma_proxy pkcs12 sample_passphrase
<cut-paste base 64 encoded pkcs12 here>
quit
! for CUMA server’s self-signed certificate
crypto ca trustpoint cuma_server
 enrollment terminal
crypto ca authenticate cuma_server
Enter the base 64 encoded CA certificate.
End with a blank line or the word "quit" on a line by itself
MIIDRTCCAu+gAwIBAgIQKVcqP/KW74VP0NZzL+JbRTANBgkqhkiG9w0BAQUFADCB
[ certificate data omitted ]
/7QEM8izy0EOTSErKu7Nd76jwf5e4qttkQ==
quit

[Figure 50-7 diagram labels: Cisco UMC Client; Client connects to cuma.example.com (192.0.2.41); Internet; ISP Gateway; Corporate Firewall; ASA with TLS Proxy; inside; outside; 192.0.2.41/24; 192.0.2.182/24; DMZ; Cisco UMA; eth0; IP Address: 172.16.27.41 (DMZ routable); Enterprise Network; Internal Network; Active Directory; Exchange; Cisco UCM; Cisco Unified Presence; Voice mail; Conference; MP]
