Support User Manuals

Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

19-19

Cisco ASDM User Guide

OL-16647-01

Chapter 19 Adding Global Objects

TLS Proxy Wizard

Configure TLS Proxy Pane

Note This feature is not supported for ASDM version 6.1.5 or the Adaptive Security Appliance version 8.1.2.

You can configure the TLS Proxy from the Configuration > Firewall > Advanced > Encrypted Traffic

Inspection > TLS Proxy pane. For a detailed overview of the TLS Proxy, see TLS Proxy Wizard,

page 19-17.

Configuring a TLS Proxy lets you use the TLS Proxy to enable inspection of SSL encrypted VoIP

signaling, namely Skinny and SIP, interacting with Cisco Call Manager and enable the security appliance

for the Cisco Unified Communications features:

• TLS Proxy for the Cisco Unified Presence Server (CUPS), part of Presence Federation

• TLS Proxy for the Cisco Unified Mobility Advantage (CUMA) server, part of Mobile Advantage

• Phone Proxy

Fields

• TLS Proxy Name—Lists the TLS Proxy name.

• Server Proxy Certificate—Lists the trustpoint, which is either self-signed or enrolled with a

certificate server.

• Local Dynamic Certificate Issuer—Lists the local certificate authority to issue client or server

dynamic certificates.

• Client Proxy Certificate—Lists the proxy certificate for the TLS client. The security appliance uses

the client proxy certificate to authenticate the TLS client during the handshake between the proxy

and the TLS client. The certificate can be either self-signed, enrolled with a certificate authority, or

issued by the third party.

• Add—Adds a TLS Proxy by launching the Add TLS Proxy Instance Wizard. See Adding a TLS

Proxy Instance, page 19-20 for the steps to create a TLS Proxy instance.

• Edit—Edits a TLS Proxy. The fields in the Edit panel area identical to the fields displayed when you

add a TLS Proxy instance. See Add TLS Proxy Instance Wizard – Server Configuration, page 19-21

and Add TLS Proxy Instance Wizard – Client Configuration, page 19-22.

• Delete—Deletes a TLS Proxy.

• Maximum Sessions—Lets you specify the maximum number of TLS Proxy sessions to support.

–

Specify the maximum number of TLS Proxy sessions that the ASA needs to support. By default,

the ASA supports 100 sessions.

–

Maximum number of sessions—The minimum is 1. The maximum is dependent on the platform.

The default is 100.

Note The maximum number of sessions is global to all TLS proxy sessions.

Modes

The following table shows the modes in which this feature is available:

previous next