1-6
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the TLS Proxy for Encrypted Voice Inspection
Licensing for the TLS Proxy
ASA 5580
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, 3000, 5000, or 10,000 sessions.
2
ASA 5512-X
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, or 500 sessions.
ASA 5515-X
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, or 500 sessions.
ASA 5525-X
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, or 1000 sessions.
ASA 5545-X
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, or 2000 sessions.
ASA 5555-X
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, or 3000 sessions.
ASA 5585-X with
SSP-10
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, or 3000 sessions.
ASA 5585-X with
SSP-20, -40, or -60
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, 3000, 5000, or 10,000 sessions.
ASA SM
Base License: 2 sessions.
Optional licenses: 24, 50, 100, 250, 500, 750, 1000, 2000, 3000, 5000, or 10,000 sessions.
1.
The following applications use TLS proxy sessions for their connections. Each TLS proxy session used by these applications (and only these applications)
is counted against the UC license limit:
- Phone Proxy
- Presence Federation Proxy
- Encrypted Voice Inspection
Other applications that use TLS proxy sessions do not count towards the UC limit, for example, Mobility Advantage Proxy (which does not require a
license) and IME (which requires a separate IME license).
Some UC applications might use multiple sessions for a connection. For example, if you configure a phone with a primary and backup Cisco Unified
Communications Manager, there are 2 TLS proxy connections, so 2 UC Proxy sessions are used.
You independently set the TLS proxy limit using the
tls-proxy maximum-sessions
command. To view the limits of your model, enter the
tls-proxy
maximum-sessions ?
command. When you apply a UC license that is higher than the default TLS proxy limit, the security appliance automatically sets
the TLS proxy limit to match the UC limit. The TLS proxy limit takes precedence over the UC license limit; if you set the TLS proxy limit to be less than
the UC license, then you cannot use all of the sessions in your UC license.
Note
: For license part numbers ending in “K8” (for example, licenses under 250 users), TLS proxy sessions are limited to 1000. For license part numbers
ending in “K9” (for example, licenses 250 users or larger), the TLS proxy limit depends on the configuration, up to the model limit. K8 and K9 refer to
whether the license is restricted for export: K8 is unrestricted, and K9 is restricted.
Note
: If you clear the configuration (using the
clear configure all
command, for example), then the TLS proxy limit is set to the default for your model;
if this default is lower than the UC license limit, then you see an error message to use the tls-proxy maximum-sessions command to raise the limit again
. If you use failover and enter the
write standby
command on the primary unit to force a configuration synchronization, the
clear configure all
command
is generated on the secondary unit automatically, so you may see the warning message on the secondary unit. Because the configuration synchronization
restores the TLS proxy limit set on the primary unit, you can ignore the warning.
You might also use SRTP encryption sessions for your connections:
- For K8 licenses, SRTP sessions are limited to 250.
- For K9 licenses, there is not limit.
Note
: Only calls that require encryption/decryption for media are counted towards the SRTP limit; if passthrough is set for the call, even if both legs are
SRTP, they do not count towards the limit.
Model
License Requirement
1
Содержание 5505 - ASA Firewall Edition Bundle
Страница 28: ...Glossary GL 24 Cisco ASA Series CLI Configuration Guide ...
Страница 61: ...P A R T 1 Getting Started with the ASA ...
Страница 62: ......
Страница 218: ...1 56 Cisco ASA Series CLI Configuration Guide Chapter 1 Managing Feature Licenses Feature History for Licensing ...
Страница 219: ...P A R T 2 Configuring High Availability and Scalability ...
Страница 220: ......
Страница 358: ...1 22 Cisco ASA Series CLI Configuration Guide Chapter 1 Information About Failover Failover Messages ...
Страница 403: ...P A R T 2 Configuring Interfaces ...
Страница 404: ......
Страница 499: ...P A R T 2 Configuring Basic Settings ...
Страница 500: ......
Страница 516: ...1 16 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Basic Settings Monitoring DNS Cache ...
Страница 533: ...P A R T 2 Configuring Objects and Access Lists ...
Страница 534: ......
Страница 558: ...1 4 Cisco ASA Series CLI Configuration Guide Chapter 1 Information About Access Lists Where to Go Next ...
Страница 601: ...P A R T 2 Configuring IP Routing ...
Страница 602: ......
Страница 632: ...1 8 Cisco ASA Series CLI Configuration Guide Chapter 1 Defining Route Maps Feature History for Route Maps ...
Страница 680: ...1 48 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring OSPF Feature History for OSPF ...
Страница 745: ...P A R T 2 Configuring Network Address Translation ...
Страница 746: ......
Страница 780: ...1 34 Cisco ASA Series CLI Configuration Guide Chapter 1 Information About NAT Where to Go Next ...
Страница 844: ...1 32 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Twice NAT Feature History for Twice NAT ...
Страница 845: ...P A R T 2 Configuring AAA Servers and the Local Database ...
Страница 846: ......
Страница 859: ...1 13 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring AAA Servers and the Local Database Configuring AAA ...
Страница 871: ...1 25 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring AAA Servers and the Local Database Configuring AAA ...
Страница 981: ...P A R T 2 Configuring Access Control ...
Страница 982: ......
Страница 994: ...1 12 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Access Rules Feature History for Access Rules ...
Страница 1028: ...1 34 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Management Access Feature History for Management Access ...
Страница 1054: ...1 26 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring AAA Rules for Network Access Feature History for AAA Rules ...
Страница 1060: ...1 6 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Web Cache Services Using WCCP Feature History for WCCP ...
Страница 1061: ...P A R T 2 Configuring Service Policies Using the Modular Policy Framework ...
Страница 1062: ......
Страница 1093: ...P A R T 2 Configuring Application Inspection ...
Страница 1094: ......
Страница 1191: ...P A R T 2 Configuring Unified Communications ...
Страница 1192: ......
Страница 1333: ...P A R T 2 Configuring Connection Settings and QoS ...
Страница 1334: ......
Страница 1370: ...1 20 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring QoS Feature History for QoS ...
Страница 1379: ...P A R T 2 Configuring Advanced Network Protection ...
Страница 1380: ......
Страница 1448: ...1 20 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Threat Detection Configuration Examples for Threat Detection ...
Страница 1474: ...1 18 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Filtering Services Monitoring Filtering Statistics ...
Страница 1475: ...P A R T 2 Configuring Modules ...
Страница 1476: ......
Страница 1504: ...1 28 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring the ASA IPS Module Feature History for the ASA IPS module ...
Страница 1528: ...1 24 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring the ASA CX Module Feature History for the ASA CX Module ...
Страница 1548: ...1 20 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring the ASA CSC Module Feature History for the CSC SSM ...
Страница 1549: ...P A R T 2 Configuring VPN ...
Страница 1550: ......
Страница 1592: ...1 42 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring IPsec and ISAKMP Supporting the Nokia VPN Client ...
Страница 1612: ...1 20 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring L2TP over IPsec Feature History for L2TP over IPsec ...
Страница 1796: ...1 6 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring the PPPoE Client Using Related Commands ...
Страница 1965: ...P A R T 2 Configuring Logging SNMP and Smart Call Home ...
Страница 1966: ......
Страница 1988: ...1 22 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring Logging Feature History for Logging ...
Страница 2002: ...1 14 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring NetFlow Secure Event Logging NSEL Feature History for NSEL ...
Страница 2036: ...1 34 Cisco ASA Series CLI Configuration Guide Chapter 1 Configuring SNMP Feature History for SNMP ...
Страница 2059: ...P A R T 2 System Administration ...
Страница 2060: ......
Страница 2098: ...1 8 Cisco ASA Series CLI Configuration Guide Chapter 1 Troubleshooting Viewing the Coredump ...
Страница 2099: ...P A R T 2 Reference ...
Страница 2100: ......