15-19
Cisco ASA Series Firewall CLI Configuration Guide
Chapter15 Using the Cisco Unified Communication Wizard
Configuring the UC-IME by using the Unified Communication Wizard
Step1 To configure the Cisco Intercompany Media Engine Proxy as part of a basic deployment, select the
interface that connects to the local Cisco Unified Communications servers.
Or
To configure the Cisco Intercompany Media Engine Proxy as part of an off-path deployment, complete
the following steps:
a. From the Listening Interface drop-down list, choose the interface on which the ASA listens for the
mapping requests.
b. In the Port field, enter a number between 1024 and 65535 as the TCP port on which the ASA listens
for the mapping requests. The port number must be 1024 or higher to avoid conflicts with other
services on the device, such as Telnet or SSH. By default, the port number is TCP 8060.
c. From the UC-IME Interface drop-down list, choose the interface that the ASA uses to connect to the
remote ASA that is enabled with the Cisco Intercompany Media Engine Proxy.
Note In a basic and an off-path deployment, all Cisco Unified Communications servers must be on the same
interface.
Step2 In the Unified CM Servers area, the wizard displays the private IP address, public IP address, and
security mode of any Cisco Unified Communications server configured on the ASA. If necessary, click
Add to add a Cisco Unified Communications server. You must include an entry for each Cisco UCM in
the cluster with Cisco Intercompany Media Engine that has a SIP trunk enabled.
Step3 In the Ticket Epoch field, enter a integer from 1-255.
The epoch indicates the number of times that password has changed. When the proxy is configured the
first time and a password entered for the first time, enter 1 for the epoch integer. Each time you change
the password, increment the epoch to indicate the new password. You must increment the epoch value
each time your change the password. Typically, you increment the epoch sequentially; however, the
security appliance allows you to choose any value when you update the epoch.
If you change the epoch value, the current password is invalidated and you must enter a new password.
Step4 In the Ticket Password field, enter a minimum of 10 and a maximum of 64 printable character from the
US-ASCII character set. The allowed characters include 0x21 to 0x73 inclusive, and exclude the space
character. The ticket password is stored onto flash.
Note We recommend a password of at least 20 characters. Only one password can be configured at a
time.
The epoch and password that you configure on the ASA must match the epoch and password configured
on the Cisco Intercompany Media Engine server. See the Cisco Intercompany Media Engine server
documentation for information.
Step5 In the Confirm Password field, reenter the password.
Step6 In the X.509 Subject Name field, enter the distinguished name (DN) of the local enterprise. The name
that you enter must match the name configured for the Cisco Unified Communications servers in the
cluster. See the Cisco Unified Communications server documentation for information.
Step7 Click Next.