Cisco Systems ASA Services Module Webcam User Manual


 
16-15
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 16 Using the Cisco Unified Communication Wizard
Configuring the Presence Federation Proxy by using the Unified Communication Wizard
Step 3 In the FQDN field, enter the domain name for the Unified Presence server. This domain name is included
in the certificate signing request that you generate later in this wizard.
Step 4 In the Public Network area, choose the interface of the public network from the drop-down list. The
proxy uses this interface for configuring static PAT for the local Cisco Unified Presence server and for
configuring ACLs to allow remote servers to access the Cisco Unified Presence server.
Step 5 Click Next.
Configuring the Local-Side Certificates for the Cisco Presence Federation
Proxy
Within an enterprise, setting up a trust relationship is achievable by using self-signed certificates. The
supports using self-signed certificates only at this step.
Step 1 In the ASA’s Identity Certificate area, click Generate and Export ASA’s Identity Certificate.
An information dialog box appears indicating that enrollment succeeded. In the Enrollment Status dialog
box, click OK. The Export certificate dialog box appears.
Note If an identity certificate for the ASA has already been created, the button in this area appears as
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.
When using the wizard to configure the Cisco Presence Federation proxy, the wizard only supports
installing self-signed certificates.
Step 2 Export the identity certificate generated by the wizard for the ASA. See Exporting an Identity
Certificate, page 16-23.
Step 3 Local Unified Presence Server’s Certificate area, click Install Server’s Certificate. The Install
Certificate dialog appears.
Step 4 Locate the file containing the Cisco Unified Presence server certificate or paste the certificate details in
the dialog box. See Installing a Certificate, page 16-23.
Step 5 Click Next.
Note See the Cisco Unified Presence server documentation for information on how to export the certificate
for this server.
Configuring the Remote-Side Certificates for the Cisco Presence Federation
Proxy
Establishing a trust relationship across enterprises or across administrative domains is key for federation.
Across enterprises you must use a trusted third-party CA (such as, VeriSign). The security appliance
obtains a certificate with the FQDN of the Cisco Unified Presence server (certificate impersonation).