01-19-2007 04:50 AM - edited 03-11-2019 02:22 AM
We have used Cisco ASA to protect Cisco Call Manager. Could Cisco ASA filter IP Phone users to login Call Manager's admin page such as URI filtering?
Thanks,
Raymond Chuang
01-19-2007 06:26 PM
Is the call manager is a different subnet or DMZ than the IP phones and the users ??? If the traffic is flowing through ASA, u can filter or deny https port from the user subnet to the CCM ...
access-list inside deny tcp 10.0.0.0 255.255.255.0 host 100.100.100.100 eq 443
this was just an example.. u can also use an additinal module on the ASA called CSC SSM to do URL filtering.. read about CSC on the CCO...
Hope this helps.. all the best. rate replies if found useful..
Raj
01-20-2007 08:07 AM
Hi Raj,
Right! CM is in inside, IP Phones and clients are at outside. We can't to filter https(443) as both phone user and CM admin need to use https to access CM's /ccmadmin or ccmuser folders. I found the URL filter need to bind with HTTP inspection but CM's access is HTTPS, is it possible?
Regards,
Raymond Chuang.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide