Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
612
Views
0
Helpful
2
Replies

how control access CM's "ccmadmin" page through ASA

raymond.chuang
Level 1
Level 1

‎01-19-2007 04:50 AM - edited ‎03-11-2019 02:22 AM

We have used Cisco ASA to protect Cisco Call Manager. Could Cisco ASA filter IP Phone users to login Call Manager's admin page such as URI filtering?

Thanks,

Raymond Chuang

Labels:
0 Helpful
2 Replies 2

sachinraja
Level 9
Level 9

‎01-19-2007 06:26 PM

Is the call manager is a different subnet or DMZ than the IP phones and the users ??? If the traffic is flowing through ASA, u can filter or deny https port from the user subnet to the CCM ...

access-list inside deny tcp 10.0.0.0 255.255.255.0 host 100.100.100.100 eq 443

this was just an example.. u can also use an additinal module on the ASA called CSC SSM to do URL filtering.. read about CSC on the CCO...

Hope this helps.. all the best. rate replies if found useful..

Raj

0 Helpful

raymond.chuang
Level 1
Level 1
In response to sachinraja

‎01-20-2007 08:07 AM

Hi Raj,

Right! CM is in inside, IP Phones and clients are at outside. We can't to filter https(443) as both phone user and CM admin need to use https to access CM's /ccmadmin or ccmuser folders. I found the URL filter need to bind with HTTP inspection but CM's access is HTTPS, is it possible?

Regards,

Raymond Chuang.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card