Mobility advantage proxy using nat/pat, Figure 50-3 – Cisco ASA 5505 User Manual

Page 1058

Advertising
background image

50-4

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 50 Configuring Cisco Mobility Advantage

Information about the Cisco Mobility Advantage Proxy Feature

Note

This interface PAT rule converges the Cisco UMA client IP addresses on the outside interface of
the ASA into a single IP address on the inside interface by using different source ports.
Performing this action is often referred as “outside PAT”. “Outside PAT” is not recommended
when TLS proxy for Cisco Mobility Advantage is enabled on the same interface of the ASA with
phone proxy, Cisco Unified Presence, or any other features involving application inspection.
“Outside PAT” is not supported completely by application inspection when embedded address
translation is needed.

Figure 50-3

Cisco UMC/Cisco UMA Architecture – Scenario 2: Security Appliance as Mobility
Advantage Proxy Only

Mobility Advantage Proxy Using NAT/PAT

In both scenarios (

Figure 50-2

and

Figure 50-3

), NAT can be used to hide the private address of the Cisco

UMA servers.

271642

ASA with

TLS Proxy

IP Address:

172.16.27.41

(DMZ routable)

DMZ

MP

Conference

Voice mail

Cisco Unified

Presence

M

Cisco UCM

Exchange

Active

Directory

Internal Network

Corporate
Firewall

Enterprise Network

eth0

Internet

Cisco UMC Client

Cisco UMA

Client connects to

cuma.example.com

(192.0.2.41)

inside

outside

192.0.2.41/24

192.0.2.182/24

ISP
Gateway

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals