Cisco Systems ASA 5580 Webcam User Manual


 
18-16
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 18 Configuring the TLS Proxy for Encrypted Voice Inspection
TLS Proxy
TLS Proxy
This feature is supported only for ASA versions 8.0.x prior to 8.0.4 and for version 8.1.
Note This feature is not supported for the Adaptive Security Appliance versions prior to 8.0.4 and for version
8.1.2.
Use the TLS Proxy option to enable inspection of SSL encrypted VoIP signaling, namely Skinny and
SIP, interacting with Cisco CallManager.
The TLS Proxy pane lets you define and configure Transaction Layer Security Proxy to enable
inspection of encrypted traffic.
Fields
TLS Proxy Name—Lists the TLS Proxy name.
Server—Lists the trustpoint, which is either self-signed or enrolled with a certificate server.
Local Dynamic Certificate Issuer—Lists the local certificate authority to issue client or server
dynamic certificates.
Local Dynamic Certificate Key Pair—Lists the RSA key pair used by client or server dynamic
certificates.
Add—Adds a TLS Proxy.
Edit—Edits a TLS Proxy.
Delete—Deletes a TLS Proxy.
Maximum Sessions—Lets you specify the maximum number of TLS Proxy sessions to support.
Specify the maximum number of TLS Proxy sessions that the ASA needs to support. By default,
ASA supports 300 sessions.—Enables maximum number of sessions option.
Maximum number of sessions:—The minimum is 1. The maximum is dependent on the
platform. The default is 300.
Add/Edit TLS Proxy
Note This feature is not supported for the Adaptive Security Appliance versions prior to 8.0.4 and for version
8.1.2.
The Add/Edit TLS Proxy dialog box lets you define the parameters for the TLS Proxy.
Fields
TLS Proxy Name—Specifies the TLS Proxy name.
Server Configuration—Specifies the proxy certificate name.
Server—Specifies the trustpoint to be presented during the TLS handshake. The trustpoint could
be self-signed or enrolled locally with the certificate service on the proxy.
Client Configuration—Specifies the local dynamic certificate issuer and key pair.
Local Dynamic Certificate Issuer—Lists the local certificate authority to issue client or server
dynamic certificates.