EasyManuals Logo
Home>Cisco>Network Hardware>ASA Series

Cisco ASA Series User Manual

Cisco ASA Series
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1218 background imageLoading...
Page #1218 background image
1-20
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the Cisco Phone Proxy
Configuring the Phone Proxy
What to Do Next
Once you have configured the CTL file for the phone proxy, create the TLS proxy instance. See Creating
the TLS Proxy Instance for a Non-secure Cisco UCM Cluster, page 1-21 to add the TLS proxy when
configuring the phone proxy in a non-secure mode or see Creating the TLS Proxy for a Mixed-mode
Cisco UCM Cluster, page 1-21 if the phone proxy is running in a mixed-mode cluster.
Using an Existing CTL File
Note Only when the phone proxy is running in mixed-mode clusters, you have the option to use an existing
CTL file to install trustpoints.
If you have an existing CTL file that contains the correct IP addresses of the entities (namely, the IP
address that the IP phones use for the Cisco UCM or TFTP servers), you can be use it to create a new
CTL file thereby using the existing CTL file to install the trustpoints for each entity in the network
(Cisco UCM, Cisco UCM and TFTP, TFTP server, CAPF) that the IP phones must trust.
Prerequisites
If a CTL file exists for the cluster, copy the CTL file to Flash memory. When you copy the CTL file to
Flash memory, rename the file and do not name the file
CTLFile.tlv.
If you are using domain names for your Cisco UCM and TFTP server, you must configure DNS lookup
on the ASA. See the prerequisites for Creating the CTL File, page 1-19.
Step 3
hostname(config-ctl-file)# record-entry cucm
trustpoint trustpoint_name address IP_address
Example:
record-entry cucm trustpoint cucm_server address
10.10.0.26
Creates the record entry for the each Cisco UCM
(primary and secondary).
Note Use the global or mapped IP address of the
Cisco UCM.
Step 4
hostname(config-ctl-file)# record-entry capf
trustpoint trust_point address
Example:
record-entry capf trustpoint capf address 10.10.0.26
Creates the record entry for CAPF.
Note You only enter this command when LSC
provisioning is required or you have LSC
enabled IP phones.
Step 5
hostname(config-ctl-file)# no shutdown
Creates the CTL file.
When the file is created, it creates an internal
trustpoint used by the phone proxy to sign the TFTP
files. The trustpoint is named
_internal_PP_ctl-instance_filename.
Step 6
hostname(config)# copy running-configuration
startup-configuration
Saves the certificate configuration to Flash memory.
Command Purpose

Table of Contents

Other manuals for Cisco ASA Series

Preview: Configuration Guide
Configuration Guide428 pages
Preview: Mount And Connect
Mount And Connect12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
BrandCisco
ModelASA Series
CategoryNetwork Hardware
LanguageEnglish

Related product manuals