EasyManuals Logo
Home>Cisco>Firewall>ASA 5512-X

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1215 background imageLoading...
Page #1215 background image
1-17
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the Cisco Phone Proxy
Configuring the Phone Proxy
Task Flow for Configuring the Phone Proxy in a Mixed-mode Cisco UCM
Cluster
Note For mixed-mode clusters, the phone proxy does not support the Cisco Unified Call Manager using TFTP
to send encrypted configuration files to IP phones through the ASA.
Follow these tasks to configure the phone proxy in a Non-secure Cisco UCM Cluster:
Step 1 Create trustpoints and generate certificates for each entity in the network (Cisco UCM, Cisco UCM and
TFTP, TFTP server, CAPF) that the IP phone must trust. The certificates are used in creating the CTL
file. See Creating Trustpoints and Generating Certificates, page 1-18.
Note Before you create the trustpoints and generate certificates, you must have imported the required
certificates, which are stored on the Cisco UCM. See Certificates from the Cisco UCM, page 1-7
and Importing Certificates from the Cisco UCM, page 1-15
Step 2 Create the CTL file for the phone proxy. See Creating the CTL File, page 1-19.
Note When the phone proxy is being configured to run in mixed-mode clusters, you have the
following option to use an existing CTL file to install the trustpoints. See Using an Existing CTL
File, page 1-20.
Step 3 Create the TLS proxy instance. See Creating the TLS Proxy for a Mixed-mode Cisco UCM Cluster,
page 1-21.
Step 4 Create the media termination instance for the phone proxy. See Creating the Media Termination
Instance, page 1-23.
Step 5 Create the phone proxy instance. See Creating the Phone Proxy Instance, page 1-24.
Table 1-2 Certificates Required by the Security Appliance for the Phone Proxy
Certificate Name Required for...
CallManager Authenticating the Cisco UCM during TLS handshake; only
required for mixed-mode clusters.
Cisco_Manufacturing_CA Authenticating IP phones with a Manufacturer Installed Certificate
(MIC).
CAP-RTP-001 Authenticating IP phones with a MIC.
CAP-RTP-002 Authenticating IP phones with a MIC.
CAPF Authenticating IP phones with an LSC.

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
BrandCisco
ModelASA 5512-X
CategoryFirewall
LanguageEnglish

Related product manuals