Cisco Systems ASA Services Module Webcam User Manual


 
16-12
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 16 Using the Cisco Unified Communication Wizard
Configuring the Mobility Advantage by using the Unified Communication Wizard
Configuring the Topology for the Cisco Mobility Advantage Proxy
When configuring the Mobility Advantage Proxy, you specify settings to define the private and public
network topology, such the private and public network interfaces, and the private and public IP addresses
of the Cisco Mobility Advantage server.
The values that you specify in this page generate the following configuration settings for the Mobility
Advantage Proxy:
Static PAT for the Cisco Mobility Advantage server
Static NAT for Cisco Unified Mobile Communicator clients if the Enable address translation for
Mobility clients check box is checked.
ACLs to allow Cisco Unified Mobile Communicator clients to access the Cisco Mobility Advantage
server
Step 1 In the Private Network area, choose the interface from the drop-down list.
Step 2 In the Unified MA Server area, enter the private and public IP address for the Cisco Mobility Advantage
server. Entering ports for these IP addresses is optional. By default port number 5443 is entered, which
is the default TCP port for MMP inspection.
Step 3 In the FQDN field, enter the domain name for the Cisco Mobility Advantage server. This domain name
is included in the certificate signing request that you generate later in this wizard.
Step 4 In the Public Network area, choose an interface from the drop-down list.
The proxy uses this interface for configuring static PAT for the Cisco Mobility Advantage server and the
ACLs to allow Cisco Unified Mobile Communicator clients to access the Cisco Mobility Advantage
server.
Step 5 To configure whether address translation (NAT) is used by Cisco Unified Mobile Communicator
clients, check the Enable address translation for Mobility clients check box and choose whether to
use the IP address of the public interface or whether to enter an IP address.
Step 6 Click Next.
Configuring the Server-Side Certificates for the Cisco Mobility Advantage
Proxy
A trusted relationship between the ASA and the Cisco UMA server can be established with self-signed
certificates. The ASA's identity certificate is exported, and then uploaded on the Cisco UMA server
truststore. The Cisco UMA server certificate is downloaded, and then uploaded on the ASA truststore.
The supports using self-signed certificates only at this step.
Step 1 In the ASA’s Identity Certificate area, click Generate and Export ASA’s Identity Certificate.
An information dialog boxes appear indicating that the enrollment seceded. In the Enrollment Status
dialog box, click OK. The Export certificate dialog box appears.
Note If an identity certificate for the ASA has already been created, the button in this area appears as
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.