Cisco Systems ASA 5585-X Manual De Usuario
15-15
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 15 Using the Cisco Unified Communication Wizard
Configuring the Presence Federation Proxy by using the Unified Communication Wizard
Step 3
In the FQDN field, enter the domain name for the Unified Presence server. This domain name is included
in the certificate signing request that you generate later in this wizard.
in the certificate signing request that you generate later in this wizard.
Step 4
In the Public Network area, choose the interface of the public network from the drop-down list. The
proxy uses this interface for configuring static PAT for the local Cisco Unified Presence server and for
configuring ACLs to allow remote servers to access the Cisco Unified Presence server.
proxy uses this interface for configuring static PAT for the local Cisco Unified Presence server and for
configuring ACLs to allow remote servers to access the Cisco Unified Presence server.
Step 5
Click Next.
Configuring the Local-Side Certificates for the Cisco Presence Federation
Proxy
Proxy
Within an enterprise, setting up a trust relationship is achievable by using self-signed certificates. The
supports using self-signed certificates only at this step.
supports using self-signed certificates only at this step.
Step 1
In the ASA’s Identity Certificate area, click Generate and Export ASA’s Identity Certificate.
An information dialog box appears indicating that enrollment succeeded. In the Enrollment Status dialog
box, click OK. The Export certificate dialog box appears.
box, click OK. The Export certificate dialog box appears.
Note
•
If an identity certificate for the ASA has already been created, the button in this area appears as
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.
•
When using the wizard to configure the Cisco Presence Federation proxy, the wizard only supports
installing self-signed certificates.
installing self-signed certificates.
Step 2
Export the identity certificate generated by the wizard for the ASA. See
Step 3
Local Unified Presence Server’s Certificate area, click Install Server’s Certificate. The Install
Certificate dialog appears.
Certificate dialog appears.
Step 4
Locate the file containing the Cisco Unified Presence server certificate or paste the certificate details in
the dialog box. See
the dialog box. See
Step 5
Click Next.
Note
See the Cisco Unified Presence server documentation for information on how to export the certificate
for this server.
for this server.
Configuring the Remote-Side Certificates for the Cisco Presence Federation
Proxy
Proxy
Establishing a trust relationship across enterprises or across administrative domains is key for federation.
Across enterprises you must use a trusted third-party CA (such as, VeriSign). The security appliance
obtains a certificate with the FQDN of the Cisco Unified Presence server (certificate impersonation).
Across enterprises you must use a trusted third-party CA (such as, VeriSign). The security appliance
obtains a certificate with the FQDN of the Cisco Unified Presence server (certificate impersonation).