Cisco ASA 5505 Configuration Manual page 993
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Chapter 45
Configuring Cisco Mobility Advantage
Figure 45-2
Mobile Data
Network (GPRS
Data Channel)
Cisco UMC Client
In
Figure
10.1.1.2 IP address to 192.0.2.140.
Figure 45-3
proxy only and does not function as the corporate firewall. In this scenario, the adaptive security
appliance and the corporate firewall are performing NAT. The corporate firewall will not be able to
predict which client from the Internet needs to connect to the corporate Cisco UMA server. Therefore,
to support this deployment, you can take the following actions:
Set up a NAT rule for inbound traffic that translates the destination IP address 192.0.2.41 to
•
172.16.27.41.
Set up an interface PAT rule for inbound traffic translating the source IP address of every packet so
•
that the corporate firewall does not need to open up a wildcard pinhole. The Cisco UMA server
receives packets with the source IP address 192.0.12.183.
See
information.
Note
OL-20339-01
The TLS proxy for the Cisco Mobility Advantage solution does not support client
authentication because the Cisco UMA client cannot present a certificate.
Appliance as Firewall with Mobility Advantage Proxy and MMP Inspection
MMP/SSL/TLS
cuma.example.com
Network: 192.0.2.0/24
IP Address: 192.0.2.140
PSTN
Voice Channel
45-2, the adaptive security appliance performs static NAT by translating the Cisco UMA server
shows deployment scenario 2, where the adaptive security appliance functions as the TLS
Chapter 27, "Configuring Network Object NAT"
This interface PAT rule converges the Cisco UMA client IP addresses on the outside interface of
the adaptive security appliance into a single IP address on the inside interface by using different
source ports. Performing this action is often referred as "outside PAT". "Outside PAT" is not
recommended when TLS proxy for Cisco Mobility Advantage is enabled on the same interface
of the adaptive security appliance with phone proxy, Cisco Unified Presence, or any other
features involving application inspection. "Outside PAT" is not supported completely by
application inspection when embedded address translation is needed.
Information about the Cisco Mobility Advantage Proxy Feature
Network:
10.1.1.0/24
IP Address:
10.1.1.2
Port: 5443
ASA with
TLS Proxy
MMP/SSL/TLS
Hostname:
Network:
10.1.1.0/24
IP Address:
10.1.1.1
Port: 5443
and
Chapter 28, "Configuring Twice NAT"
Cisco ASA 5500 Series Configuration Guide using ASDM
Security
Enterprise Services
Active Directory
Exchange
Cisco Unified
Presence
Cisco UMA
Voice mail
Server
MP
Conference
M
Cisco UCM
for
45-3
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
