Cisco ASA 5505 User Manual

Page 1115

Advertising
background image

52-27

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 52 Configuring Cisco Intercompany Media Engine Proxy

Configuring Cisco Intercompany Media Engine Proxy

What to Do Next

Once you have enabled the TLS proxy for SIP inspection, if necessary, configure TLS within the
enterprise. See

(Optional) Configuring TLS within the Local Enterprise, page 52-27

.

(Optional) Configuring TLS within the Local Enterprise

This task is not required if TCP is allowable within the inside network.

TLS within the enterprise refers to the security status of the Cisco Intercompany Media Engine trunk as
seen by the ASA.

Note

If the transport security for the Cisco Intercompany Media Engine trunk changes on Cisco UCM, it must
be changed on the ASA as well. A mismatch will result in call failure. The ASA does not support SRTP
with non-secure IME trunks. The ASA assumes SRTP is allowed with secure trunks. So ‘SRTP Allowed’
must be checked for IME trunks if TLS is used. The ASA supports SRTP fallback to RTP for secure IME
trunk calls.

Prerequisites

On the local Cisco UCM, download the Cisco UCM certificate. See the Cisco Unified Communications
Manager documentation for information. You will need this certificate when performing

Step 6

of this

procedure.

Procedure

To configure TLS within the local enterprise, perform the following steps on the local ASA:

Step 14

hostname(config-pmap)# exit

Exits from the policy map configuration mode.

Step 15

hostname(config)# service-policy policymap_name

global

Examples:

hostname(config)# service-policy ime-policy global

Enables the service policy for SIP inspection for all
interfaces.

Where

policymap_name

is the name of the policy

map you created in

Step 7

of this task.

See

Creating the Cisco Intercompany Media Engine

Proxy, page 52-18

for information about the

UC-IME proxy settings. See CLI configuration
guide for information about the no service-policy

command.

Command

Purpose

Advertising