Configuring cisco mobility advantage, Figure 50-5 – Cisco ASA 5505 User Manual

50-6

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 50 Configuring Cisco Mobility Advantage

Licensing for the Cisco Mobility Advantage Proxy Feature

Figure 50-5

How the Security Appliance Represents Cisco UMA – Certificate Impersonation

A trusted relationship between the ASA and the Cisco UMA server can be established with self-signed
certificates. The ASA's identity certificate is exported, and then uploaded on the Cisco UMA server
truststore. The Cisco UMA server certificate is downloaded, and then uploaded on the ASA truststore
by creating a trustpoint and using the crypto ca authenticate command.

Licensing for the Cisco Mobility Advantage Proxy Feature

The Cisco Unified Communications proxy features (Cisco Phone Proxy, TLS proxy for encrypted voice
inspection, and the Cisco Presence Federation Proxy) supported by the ASA require a Unified
Communications Proxy license. However, in Version 8.2(2) and later, the Mobility Advantage proxy no
longer requires a Unified Communications Proxy license.

The following table shows the licensing requirements for the Mobility Advantage proxy:

For more information about licensing, see

Chapter 3, “Managing Feature Licenses.”

Configuring Cisco Mobility Advantage

This section includes the following topics:

•

Task Flow for Configuring Cisco Mobility Advantage, page 50-7

•

Installing the Cisco UMA Server Certificate, page 50-7

•

Creating the TLS Proxy Instance, page 50-8

271644

Internet

Inspected and

Modified

(if needed)

Certificate

Authority

Certificate

ASA

Enroll with FQDN

of Cisco UMA

Key 1

Key 2

TLS (Self-signed,
or from local CA)

TLS (ASA Certificate with Cisco UMA FQDN)

3rd Party CA

Cisco UMA

Cisco UMC Client

Model

License Requirement

All models

Base License.