Below are the Requirements for Configuring a VPN phone with CUCM
#crypto ca certificate chain localtrust
This will give you an output of the certificate, copy paste the output to an notepad file and save it as *.pem file
Upload this file to CUCM.
Step2 : ASA Configuration
# crypto ca trustpoint localtrust
# enrollment self
# fqdn sslvpn.test.com
# subject-name CN=sslvpn.test.com
# keypair sslvpnkeypair
# crl configure
#ip local pool vpnpool2 172.17.24.10-172.17.24.254 mask 255.255.255.0
#ssl trust-point localtrust outside
#webvpn
enable outside
no anyconnect-essentials
svc image disk0:/anyconnect-win-3.1.00495-k9.pkg 1
svc enable
tunnel-group-list enable
group-policy test-ssl-group internal
group-policy test-ssl-group attributes
dns-server value 172.17.1.15
vpn-tunnel-protocol svc
default-domain value corp.test.com
address-pools value vpnpool2
#tunnel-group test-ssl-group type remote-access
tunnel-group test-ssl-group general-attributes
default-group-policy test-ssl-group
tunnel-group test-ssl-group webvpn-attributes
group-alias SSLVPNClient enable
group-url https://1.1.1.1/ enable
username vishnu password vishnu
username vishnu attributes
service-type remote-access
Step3 : CUCM Configuration
Work in progress!!!!
- ASA runs 8.2 or higher IOS version
- Anyconnect SSL VPN license
#crypto ca certificate chain localtrust
This will give you an output of the certificate, copy paste the output to an notepad file and save it as *.pem file
Upload this file to CUCM.
Step2 : ASA Configuration
# crypto ca trustpoint localtrust
# enrollment self
# fqdn sslvpn.test.com
# subject-name CN=sslvpn.test.com
# keypair sslvpnkeypair
# crl configure
#ip local pool vpnpool2 172.17.24.10-172.17.24.254 mask 255.255.255.0
#ssl trust-point localtrust outside
#webvpn
enable outside
no anyconnect-essentials
svc image disk0:/anyconnect-win-3.1.00495-k9.pkg 1
svc enable
tunnel-group-list enable
group-policy test-ssl-group internal
group-policy test-ssl-group attributes
dns-server value 172.17.1.15
vpn-tunnel-protocol svc
default-domain value corp.test.com
address-pools value vpnpool2
#tunnel-group test-ssl-group type remote-access
tunnel-group test-ssl-group general-attributes
default-group-policy test-ssl-group
tunnel-group test-ssl-group webvpn-attributes
group-alias SSLVPNClient enable
group-url https://1.1.1.1/ enable
username vishnu password vishnu
username vishnu attributes
service-type remote-access
Step3 : CUCM Configuration
Work in progress!!!!
No comments:
Post a Comment