[cisco-voip] CUMA and ASA as Proxy
Ryan Ratliff
rratliff at cisco.com
Thu Jul 2 09:21:03 EDT 2009
I'm still getting up to speed with CUMA but I'll give it a shot...
There are two certs you need to have generated for CUMA with the ASA
proxy. One is the external-facing cert that the mobile devices see
when connecting to the ASA. This cert cannot be self-signed because
the phones only have the public root CA certificates and thus can't
trust self-signed certs. The second cert is the one between the CUMA
server and the ASA. This one can be self-signed and is documented in
the URL below "Importing a Self-Signed Certificate" section.
http://www.cisco.com/en/US/docs/voice_ip_comm/cuma/7_0/english/
install/guide/cuma_70_IAG_02_ASA.html#wp1233240
-Ryan
On Jul 1, 2009, at 9:43 PM, Voice Noob wrote:
Has anyone deployed CUMA 7.x using the ASA as the Proxy server? I am
having a problem with the documentation on exactly how I setup the
ASA and the certificate requests. I don't know if the name I should
put into the requests is the CUMA server name or the hostname of my ASA.
Also has anyone done this using slef signed certs with an internal
CA? I don't think I can get this company to pay for a cert from
Verisign or Geotrust. In fact I know I can't.
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
More information about the cisco-voip
mailing list