Cisco Systems ASA 5580 Manual De Usuario
19-18
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 19 Configuring Cisco Unified Presence
Configuration Example for Cisco Unified Presence
The following values are used in this sample configuration:
• Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1
• Private second Cisco Unified Presence Release 8.0 IP address= 2.2.2.2
• Private third Cisco Unified Presence Release 7.x IP address = 3.3.3.3
• XMPP federation listening port = 5269
access-list ALLOW-ALL extended permit tcp any host 1.1.1.1 eq 5269
access-list ALLOW-ALL extended permit tcp any host 2.2.2.2 eq 5269
access-list ALLOW-ALL extended permit tcp any host 3.3.3.3 eq 5269
Example 4: This example ACL configuration allows only from a specific federated domain interface to
specific XMPP federation nodes published in DNS.
specific XMPP federation nodes published in DNS.
Note
The public addresses are published in DNS, but the private addresses are configured in the access-list
command.
command.
The following values are used in this sample configuration:
•
Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1
•
Private second Cisco Unified Presence Release 8.0 IP address = 2.2.2.2
•
Private third Cisco Unified Presence Release 7.x IP address = 3.3.3.3
•
XMPP federation listening port = 5269
•
External interface of the foreign XMPP enterprise = 100.100.100.100
access-list ALLOW-ALL extended permit tcp host 100.100.100.100 host 1.1.1.1 eq 5269
access-list ALLOW-ALL extended permit tcp host 100.100.100.100 host 2.2.2.2 eq 5269
access-list ALLOW-ALL extended permit tcp host 100.100.100.100 host 3.3.3.3 eq 5269
Example NAT Configuration for XMPP Federation
Example 1: Single node with XMPP federation enabled
The following values are used in this sample configuration:
•
Public Cisco Unified Presence IP address = 10.10.10.10
•
Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1
•
XMPP federation listening port = 5269
nat (inside,outside) source static obj_host_1.1.1.1 obj_host_10.10.10.10 service
obj_udp_source_eq_5269 obj_udp_source_eq_5269
nat (inside,outside) source static obj_host_1.1.1.1 obj_host_10.10.10.10 service
obj_tcp_source_eq_5269 obj_tcp_source_eq_5269
Example 2: Multiple nodes with XMPP federation, each with a public IP address in DNS
The following values are used in this sample configuration:
•
Public Cisco Unified Presence IP addresses = 10.10.10.10, 20.20.20.20, 30.30.30.30
•
Private XMPP federation Cisco Unified Presence Release 8.0 IP address = 1.1.1.1
•
Private second Cisco Unified Presence Release 8.0 IP address = 2.2.2.2