53-16
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 53 Configuring the TLS Proxy for Encrypted Voice Inspection
TLS Proxy
• Local Dynamic Certificate Key Pair—Lists the RSA key pair used by client or server dynamic
certificates.
• Add—Adds a TLS Proxy.
• Edit—Edits a TLS Proxy.
• Delete—Deletes a TLS Proxy.
• Maximum Sessions—Lets you specify the maximum number of TLS Proxy sessions to support.
–
Specify the maximum number of TLS Proxy sessions that the ASA needs to support. By default,
ASA supports 300 sessions.—Enables maximum number of sessions option.
–
Maximum number of sessions:—The minimum is 1. The maximum is dependent on the
platform. The default is 300.
Modes
The following table shows the modes in which this feature is available:
Add/Edit TLS Proxy
Note This feature is not supported for the Adaptive Security Appliance versions prior to 8.0.4 and for version
8.1.2.
The Add/Edit TLS Proxy dialog box lets you define the parameters for the TLS Proxy.
Fields
• TLS Proxy Name—Specifies the TLS Proxy name.
• Server Configuration—Specifies the proxy certificate name.
–
Server—Specifies the trustpoint to be presented during the TLS handshake. The trustpoint could
be self-signed or enrolled locally with the certificate service on the proxy.
• Client Configuration—Specifies the local dynamic certificate issuer and key pair.
–
Local Dynamic Certificate Issuer—Lists the local certificate authority to issue client or server
dynamic certificates.
Certificate Authority Server—Specifies the certificate authority server.
Certificate—Specifies a certificate.
Manage—Configures the local certificate authority. To make configuration changes after it has
been configured for the first time, disable the local certificate authority.
–
Local Dynamic Certificate Key Pair—Lists the RSA key pair used by client dynamic
certificates.
Key-Pair Name—Specifies a defined key pair.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••—
