51-14
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter51 Configuring Cisco Unified Presence
Monitoring Cisco Unified Presence
Monitoring Cisco Unified Presence
Debugging is similar to debugging TLS proxy for IP Telephony. You can enable TLS proxy debug flags
along with SSL syslogs to debug TLS proxy connection problems.
For example, use the following commands to enable TLS proxy-related debug and syslog output only:
hostname(config)# debug inspect tls-proxy events
hostname(config)# debug inspect tls-proxy errors
hostname(config)# logging enable
hostname(config)# logging timestamp
hostname(config)# logging list loglist message 711001
hostname(config)# logging list loglist message 725001-725014
hostname(config)# logging list loglist message 717001-717038
hostname(config)# logging buffer-size 1000000
hostname(config)# logging buffered loglist
hostname(config)# logging debug-trace
For information about TLS proxy debugging techniques and sample output, see Monitoring the TLS
Proxy, page49-15.
Enable the debug sip command for SIP inspection engine debugging. See the command reference.
Additionally, you can capture the raw and decrypted data by the TLS proxy by entering the following
commands:
hostname# capture mycap interface outside (capturing raw packets)
hostname# capture mycap-dec type tls-proxy interface outside (capturing decrypted data)
hostname# show capture capture_name
hostname# copy /pcap capture:capture_name tftp://tftp_location
Configuration Example for Cisco Unified Presence
This section contains the following topics:
��Example Configuration for SIP Federation Deployments, page51-15
Step8 hostname(config)# policy-map name
Example:
hostname(config)# policy-map global_policy
Configure the policy map and attach the action to the
class of traffic.
Step9 hostname(config-pmap)# class classmap_name
Example:
hostname(config-pmap)# class ent_x_to_y
Assigns a class map to the policy map so that you
can assign actions to the class map traffic.
Where classmap_name is the name of the SIP class
map.
Step10 hostname(config-pmap)# inspect sip sip_map tls-proxy
proxy_name
hostname(config-pmap)# inspect sip sip_inspect
tls-proxy ent_x_to_y
Enables TLS proxy for the specified SIP inspection
session.
Step11 hostname(config-pmap)# exit Exits from Policy Map configuration mode.
Step12 hostname(config)# service-policy policy_map_name
global
Example:
hostname(config)# service-policy global_policy
global
Enables the service policy for SIP inspection for all
interfaces.
Where name for the policy-map command is the
name of the global policy map.
Command Purpose