1-4
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Cisco Mobility Advantage
Information about the Cisco Mobility Advantage Proxy Feature
Figure 1-2 Cisco UMC/Cisco UMA Architecture – Scenario 2: Security Appliance as Mobility Advantage
Proxy Only
Mobility Advantage Proxy Using NAT/PAT
In both scenarios (Figure 1-1 and Figure 1-2), NAT can be used to hide the private address of the Cisco
UMA servers.
In scenario 2 (Figure 1-2), PAT can be used to converge all client traffic into one source IP, so that the
firewall does not have to open up a wildcard pinhole for inbound traffic.
hostname(config)# access-list cumc extended permit tcp any host 172.16.27.41 eq 5443
versus
hostname(config)# access-list cumc extended permit tcp host 192.0.2.183 host 172.16.27.41
eq 5443
271642
ASA with
TLS Proxy
IP Address:
172.16.27.41
(DMZ routable)
DMZ
MP
Conference
Voice mail
Cisco Unified
Presence
M
Cisco UCM
Exchange
Active
Directory
Internal Network
Corporate
Firewall
Enterprise Network
eth0
Internet
Cisco UMC Client
Cisco UMA
Client connects to
cuma.example.com
(192.0.2.41)
insideoutside
192.0.2.41/24 192.0.2.182/24
ISP
Gateway
To Next Page
Loading...
Need help?
General