Example nat configuration for xmpp federation – Cisco ASA 5505 User Manual

Page 1086

Advertising
background image

51-18

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 51 Configuring Cisco Unified Presence

Configuration Example for Cisco Unified Presence

The following values are used in this sample configuration:

• Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1

• Private second Cisco Unified Presence Release 8.0 IP address= 2.2.2.2

• Private third Cisco Unified Presence Release 7.x IP address = 3.3.3.3

• XMPP federation listening port = 5269

access-list ALLOW-ALL extended permit tcp any host 1.1.1.1 eq 5269

access-list ALLOW-ALL extended permit tcp any host 2.2.2.2 eq 5269

access-list ALLOW-ALL extended permit tcp any host 3.3.3.3 eq 5269

Example 4: This example access list configuration allows only from a specific federated domain
interface to specific XMPP federation nodes published in DNS.

Note

The public addresses are published in DNS, but the private addresses are configured in the access-list
command.

The following values are used in this sample configuration:

Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1

Private second Cisco Unified Presence Release 8.0 IP address = 2.2.2.2

Private third Cisco Unified Presence Release 7.x IP address = 3.3.3.3

XMPP federation listening port = 5269

External interface of the foreign XMPP enterprise = 100.100.100.100

access-list ALLOW-ALL extended permit tcp host 100.100.100.100 host 1.1.1.1 eq 5269

access-list ALLOW-ALL extended permit tcp host 100.100.100.100 host 2.2.2.2 eq 5269

access-list ALLOW-ALL extended permit tcp host 100.100.100.100 host 3.3.3.3 eq 5269

Example NAT Configuration for XMPP Federation

Example 1: Single node with XMPP federation enabled

The following values are used in this sample configuration:

Public Cisco Unified Presence IP address = 10.10.10.10

Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1

XMPP federation listening port = 5269

nat (inside,outside) source static obj_host_1.1.1.1 obj_host_10.10.10.10 service

obj_udp_source_eq_5269 obj_udp_source_eq_5269

nat (inside,outside) source static obj_host_1.1.1.1 obj_host_10.10.10.10 service

obj_tcp_source_eq_5269 obj_tcp_source_eq_5269

Example 2: Multiple nodes with XMPP federation, each with a public IP address in DNS

The following values are used in this sample configuration:

Public Cisco Unified Presence IP addresses = 10.10.10.10, 20.20.20.20, 30.30.30.30

Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1

Private second Cisco Unified Presence Release 8.0 IP address = 2.2.2.2

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals