Cisco Systems and the ASA Services Module Manual De Usuario
15-17
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 15 Using the Cisco Unified Communication Wizard
Configuring the UC-IME by using the Unified Communication Wizard
To configure the Cisco Intercompany Media Engine Proxy by using ASDM, choose Wizards > Unified
Communication Wizard from the menu. The Unified Communication Wizard opens. From the first
page, select the Cisco Intercompany Media Engine Proxy option under the Business-to-Business section
and click Next.
Communication Wizard from the menu. The Unified Communication Wizard opens. From the first
page, select the Cisco Intercompany Media Engine Proxy option under the Business-to-Business section
and click Next.
Note
The Cisco Intercompany Media Engine Proxy does not appear as an option in the Unified
Communication Wizard unless the license required for this proxy is installed on the ASA.
Communication Wizard unless the license required for this proxy is installed on the ASA.
When using the wizard to create the Cisco Intercompany Media Engine Proxy, ASDM automatically
creates the necessary TLS proxies, enables SIP inspection for Cisco Intercompany Media Engine traffic,
generates address translation (static PAT) statements for local Cisco Unified Communications Manager
servers, and creates ACLs to allow traffic between the local Cisco Unified Communications Manager
servers and the remote servers.
creates the necessary TLS proxies, enables SIP inspection for Cisco Intercompany Media Engine traffic,
generates address translation (static PAT) statements for local Cisco Unified Communications Manager
servers, and creates ACLs to allow traffic between the local Cisco Unified Communications Manager
servers and the remote servers.
The following steps provide the high-level overview for configuring the Cisco Intercompany Media
Engine Proxy:
Engine Proxy:
Step 1
Select the topology of the Cisco Intercompany Media Engine Proxy, namely whether the security
appliance is an edge firewall with all Internet traffic flowing through it or whether the security appliance
is off the path of the main Internet traffic (referred to as an off-path deployment). See
appliance is an edge firewall with all Internet traffic flowing through it or whether the security appliance
is off the path of the main Internet traffic (referred to as an off-path deployment). See
Step 2
Specify private network settings such as the Cisco UCM IP addresses and the ticket settings. See
.
Step 3
Specify the public network settings. See
Step 4
Specify the media termination address settings of the Cisco UMC. See
.
Step 5
Configure the local-side certificate management, namely the certificates that are exchanged between the
local Cisco Unified Communications Manager servers and the security appliance. See
local Cisco Unified Communications Manager servers and the security appliance. See
Step 6
Configure the remote-side certificate management, namely the certificates that are exchanged between
the remote server and the ASA. This certificate is presented to remote servers so that they can
authenticate the ASA as a trusted server. See
the remote server and the ASA. This certificate is presented to remote servers so that they can
authenticate the ASA as a trusted server. See
The wizard completes by displaying a summary of the configuration created for the Cisco Intercompany
Media Engine.
Media Engine.
Configuring the Topology for the Cisco Intercompany Media Engine Proxy
Step 1
Select the topology of your ICME deployment by clicking one of the following options:
•
All Internet traffic flows through the ASA radio button. This option is also referred to as a basic
deployment.
deployment.
•
This ASA is off the path of the regular Internet traffic. This option is also referred to as an off-path
deployment.
deployment.