-
Cisco Systems OL-24124-01 - page 1
CH A P T E R 17-1 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 17 Configuring Virtual Private Networks The Cisco VPN Client for Cisco Unif ied IP Phones adds another op tion for customers attempting to solve t he remote telecommuter problem by compleme nti ng other Cisco remote telecommuting of ferings. • Easy to Deploy — A ...
-
Cisco Systems OL-24124-01 - page 2
17-2 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Configuring the VPN Feature T a ble 17 -1 VPN Configur ation Checklist Configuration Steps Notes and Related Procedures Step 1 Set up the VPN concentrators for each VPN Gateway . For conf iguration info rmation, refer to the docume ...
-
Cisco Systems OL-24124-01 - page 3
17-3 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks IOS configuration requireme nts IOS configuration requirements Before you create an ISO configuration for VPN cl ient on IP pho ne, complete th e following steps: Step 1 Install IOS Software v ersion 15.1(2)T or later Feature Set/L ...
-
Cisco Systems OL-24124-01 - page 4
17-4 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Configuring IOS fo r VPN client on IP phone router(config-if)# duplex auto router(config-if)# speed auto router(config-if)# no shutdown router# show ip interface brief (shows interfaces summary) b. Config ure static and default rou ...
-
Cisco Systems OL-24124-01 - page 5
17-5 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks Sample IOS con figuration summary Router(config)# crypto key generate rsa general-keys label <name> <exportable -optional> Router(config)# crypto pki trustpoint <name> Router(ca-trustpoint)# enrollment selfsigned ...
-
Cisco Systems OL-24124-01 - page 6
17-6 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Sample IOS configuration summary aaa new-model ! ! aaa authentication login default local aaa authentication login webvpn local aaa authorization exec default local ! aaa session-id common ! clock timezone CST -6 clock summer-time ...
-
Cisco Systems OL-24124-01 - page 7
17-7 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks Sample IOS con figuration summary hidekeys username admin privilege 15 password 0 vpnios username test privilege 15 password 0 adgjm username usr+ privilege 15 password 0 adgjm username usr# privilege 15 password 0 adgjm username t ...
-
Cisco Systems OL-24124-01 - page 8
17-8 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Sample IOS configuration summary ip address 10.89.79.140 port 443 ! ssl configuration ssl encryption aes128-sha1 ssl trustpoint iosrcdnvpn-cert inservice ! ! webvpn context for User and Password authentication webvpn context UserPa ...
-
Cisco Systems OL-24124-01 - page 9
17-9 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks ASA configuration requireme nts authentication certificate ca trustpoint CiscoMfgCert inservice ! end ASA configuration requirements Before you create an ASA conf iguration fo r VPN client on IP phone, complete the follo wing step ...
-
Cisco Systems OL-24124-01 - page 10
17-10 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Configuring ASA for VPN client on IP p hone • CallManager - A uthenticating the C isco UCM during TLS handshake (Only requ ired for mixed-mode clusters) • Cisco_Manufacturing_CA - Auth enticating IP phones with a Manuf acturer ...
-
Cisco Systems OL-24124-01 - page 11
17-11 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks Sample ASA configu ration summary Copy the te xt from the terminal and sa ve it as a .pem f ile and upload it to the Managing Certif icate part of the CUCM. Step 3 Configure the VPN feature. Y ou can use the Sample IOS conf igurat ...
-
Cisco Systems OL-24124-01 - page 12
17-12 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Sample ASA configuration summary no nameif security-level 100 no ip address ! interface Management0/0 shutdown nameif management security-level 100 no ip address management-only ! !--- Boot image of ASA boot system disk0:/asa821-k ...
-
Cisco Systems OL-24124-01 - page 13
17-13 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks Sample ASA configu ration summary timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy http server enable http 192.168.1.0 255.255.255.0 inside http redirect outside 80 no snmp-server location no snmp ...
-
Cisco Systems OL-24124-01 - page 14
17-14 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Sample ASA configuration summary !--- Group-policy group-policy GroupPhoneWebvpn internal group-policy GroupPhoneWebvpn attributes banner none vpn-simultaneous-logins 10 vpn-idle-timeout none vpn-session-timeout none vpn-tunnel-pr ...
-
Cisco Systems OL-24124-01 - page 15
17-15 Cisco Unified Commu nications Manager Secu rity Guide OL-24124-01 Chapter 17 Configuring Virtual Private Networks Sample ASA configu ration summary ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect ftp inspect h323 h225 inspect h323 ras inspect rsh insp ...
-
Cisco Systems OL-24124-01 - page 16
17-16 Cisco Unified Communications Ma nager Security Guide OL-24124-01 Chapter 17 Configur ing Virtual Private Networks Sample ASA configuration summary ...
Cisco Systems OL-24124-01についてご質問がありますか?
次のフォームを使用してください
見つけた説明書を読んでもCisco Systems OL-24124-01の問題を解決できない場合、下記のフォームを使用して質問をしましょう。ユーザーのどなたかがCisco Systems OL-24124-01で同様の問題を抱えていた場合、その解決方法を共有したいと考えるかもしれません。