Configuring the Federation Proxy on Cisco Adaptive Security Appliance using the Unified Communication Wizard
Back to Configuration Examples Page: Configuration Examples
You can use the Unifed Communications wizard on Cisco Adaptive Security Appliance to configure the presence federation proxy between Cisco Adaptive Security Appliance and Cisco Unified Presence. The configuration wizard runs on the Cisco Adaptive Security Device Manager (ASDM) on Cisco Adaptive Security Appliance.
Note that you can only use the configuration wizard if you deploy a single Cisco Unified Presence server in your interdomain federation deployment. If you deploy multiple Cisco Unified Presence servers in your interdomain federation deployment, you must use the CLI to configure the presence federation proxy on Cisco Adaptive Security Appliance.
For detailed information on configuring Cisco Unified Presence for interdomain federation, see the Integration Guide for Configuring Cisco Unified Presence Release 8.5 for Interdomain Federation at this link: http://www.cisco.com/en/US/products/ps6837/products_installation_and_configuration_guides_list.html
Cisco Adaptive Security Appliance Requirements
Cisco Adaptive Security Appliance v8.3.1
Cisco Adaptive Security Device Manager (ASDM) v6.3.1
Before You Begin
Make sure you configure these tasks before you start this procedure:
- Perform the prerequisite configuration tasks for Cisco Unified Presence, and for Cisco Adaptive Security Appliance. These prerequiste configuration tasks are described in detail in the integration guide described above.
- Performed the required SIP federation configuration on Cisco Unified Presence.
Installing Cisco Adaptive Security Device Manager (ASDM)
Launch the installation of the Cisco Adaptive Security Device Manager:
Enter the enable password for the Cisco Adaptive Security Appliance server, and select OK.
Note! Leave the username field blank.
Select Next to start the ASDM installation wizard, and proceed through the installation wizard screens:
Sign in to the ASDM interface. Enter the enable password for the Cisco Adaptive Security Appliance server, and select OK:
Configuring the Presence Federation Proxy
On the ASDM interface, select Wizards > Unified Communications Wizard:
Select Cisco Presence Federation Proxy:
In the Private Network, select the inside interface. Enter the private IP address and the public IP address for the inside interface. Enter the peer auth listening port for the Cisco Unified Presence server.
Exchanging Certificates between Cisco Unified Presence and Cisco Adaptive Security Appliance
Select Generate and Export ASA's Identity Certificate.
Export the Cisco Adaptive Security Appliance self-signed certificate (for example, asa.pem file) to your local machine.
On Cisco Unified Presence Operating System Administration, and select Security > Certificate Management. Upload the Cisco Adaptive Security Appliance self-signed certificate (for example, asa.pem file) as a cup-trust certificate.
View the certificate list. You can generate a new Cisco Unified Presence certificate by selecting Generate New, and save this certificate to your local machine. If you have previously generated a Cisco Unified Presence certificate, select this certificate in the certificate list, and proceed to the next step.
Select Download, and save the Cisco Unified Presence certificate to your local machine.
On ASDM interface, select Install Server's certificate, and upload the Cisco Unified Presence certificate to Cisco Adoptive Security Appliance.
First Identity Cert step, then Generate the CSR, sign it at the CA and finally Install Remote’s CA certNope, the majority of those steps were on my CA. A customer is unlikely to have a CA, they would obtain the certificate from a CA company such as Verisign.
Click Finish to complete the Unified Communications Wizard configuration.