Figure 51-5 – Cisco ASA 5505 User Manual

Page 1084


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 51 Configuring Cisco Unified Presence

Configuration Example for Cisco Unified Presence

Figure 51-5 Typical Cisco Unified Presence/LCS Federation Scenario

! static port translations: Entity X hosts published on the shared outside address 192.0.2.1
object network obj-10.0.0.2-01
 host 10.0.0.2
 nat (inside,outside) static 192.0.2.1 service tcp 5061 5061
object network obj-10.0.0.2-02
 host 10.0.0.2
 nat (inside,outside) static 192.0.2.1 service tcp 5062 5062
object network obj-10.0.0.2-03
 host 10.0.0.2
 nat (inside,outside) static 192.0.2.1 service udp 5070 5070
! 10.0.0.3 uses the same real ports, so its mapped ports are shifted to 45062 and 45070
object network obj-10.0.0.3-01
 host 10.0.0.3
 nat (inside,outside) static 192.0.2.1 service tcp 5062 45062
object network obj-10.0.0.3-02
 host 10.0.0.3
 nat (inside,outside) static 192.0.2.1 service udp 5070 45070
! dynamic PAT for all other inside traffic
object network obj-0.0.0.0-01
 subnet 0.0.0.0 0.0.0.0
 nat (inside,outside) dynamic 192.0.2.1
! modulus 1024 is the value used in this example; it is below the 2048-bit minimum in current guidance
crypto key generate rsa label ent_y_proxy_key modulus 1024
! for self-signed Entity Y proxy certificate
crypto ca trustpoint ent_y_proxy
 enrollment self
 fqdn none
 subject-name cn=Ent-Y-Proxy
 keypair ent_y_proxy_key
crypto ca enroll ent_y_proxy
crypto ca export ent_y_proxy identity-certificate
! for Entity X's self-signed certificate
crypto ca trustpoint ent_x_cert
 enrollment terminal
crypto ca authenticate ent_x_cert
Enter the base 64 encoded CA certificate.
End with a blank line or the word "quit" on a line by itself
[ certificate data omitted ]

[Figure 51-5 diagram. Labels: Enterprise X with Cisco UP (US), Cisco UP (UK) and Cisco UP (HK), each with Cisco UCM, and Routing Proxy (Cisco UP); ASA 8.0.4 between Inside and Outside, functioning as TLS proxy, NAT with SIP rewrite, and firewall; SIP across the Internet; Enterprise Y with Access Proxy, LCS Director, LCS and AD; DMZ; private network; addresses 10.0.0.2, 192.0.2.1, 192.0.2.254; clients UC (Ann), Orative (Ann), IPPM (Ann), MOC (Yao), MOC (Zak).]
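The configuration above publishes two inside hosts on one outside address, which only works while every mapped protocol/port pair is unique. The following check is an added example, not part of the Cisco guide: it parses the object NAT lines, reports mapped-port collisions, and flags RSA key pairs below a size threshold. The object `obj-conflict-demo`, host 10.0.0.4 and the 2048-bit threshold are assumptions made for the demonstration.

```python
import re
from collections import defaultdict

# Constructed sample: object NAT and key lines in the form used in the
# example above, plus one deliberately conflicting object (hypothetical).
SAMPLE = """\
object network obj-10.0.0.2-02
 host 10.0.0.2
 nat (inside,outside) static 192.0.2.1 service tcp 5062 5062
object network obj-10.0.0.3-01
 host 10.0.0.3
 nat (inside,outside) static 192.0.2.1 service tcp 5062 45062
object network obj-conflict-demo
 host 10.0.0.4
 nat (inside,outside) static 192.0.2.1 service tcp 5062 45062
crypto key generate rsa label ent_y_proxy_key modulus 1024
"""

NAT_RE = re.compile(r"nat \((\S+?),(\S+?)\) static (\S+) service (tcp|udp) (\d+) (\d+)")
KEY_RE = re.compile(r"crypto key generate rsa label (\S+) modulus (\d+)")

def parse_static_pat(config):
    """Return one dict per static port-translation rule, tagged with its object and host."""
    rules, obj, host = [], None, None
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("object network "):
            obj, host = line.split()[2], None
        elif line.startswith("host "):
            host = line.split()[1]
        elif (m := NAT_RE.match(line)):
            rules.append({"object": obj, "real_ip": host, "mapped_ip": m[3],
                          "proto": m[4], "real_port": int(m[5]), "mapped_port": int(m[6])})
    return rules

def mapped_port_collisions(rules):
    """Group rules by (mapped_ip, proto, mapped_port); more than one object per key is a clash."""
    seen = defaultdict(list)
    for r in rules:
        seen[(r["mapped_ip"], r["proto"], r["mapped_port"])].append(r["object"])
    return {k: v for k, v in seen.items() if len(v) > 1}

def weak_rsa_keys(config, minimum=2048):
    """List (label, bits) for generated RSA key pairs below the minimum modulus size."""
    return [(label, int(bits)) for label, bits in KEY_RE.findall(config) if int(bits) < minimum]

if __name__ == "__main__":
    print(mapped_port_collisions(parse_static_pat(SAMPLE)))
    print(weak_rsa_keys(SAMPLE))
```

Run against the unmodified mappings from the guide, the collision check returns nothing, because 10.0.0.3 is published on 45062 and 45070 rather than on the ports already taken by 10.0.0.2.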
