I work for a company that has remote users around the country and we wanted to deploy cisco phones to each of them. We have a 5510 ASA and were able to purchase a AnyConnect VPN license however, by default the ASA only has 2 SSL connections (for admin I believe). I was thinking that a SSL license would cover the rest of the employees however I was told that the UC Proxy would do it. I do not want to purchase the wrong thing but it would seem like we would need more SSL licenses because we are able to have 2 phones connected. Please help, I am somewhat new to the ASA security aspect. Thank you.
Thank you for your reply. We already have the security plus license VPN for our data traffic but the new license is going towards our VoIP phones. The remote users will be using the cisco IP phone 7942 using a SSL connection.
From what I am reading, because we already have a VPN in place, the IC Proxy would work for just the phones? Sorry about this, the licensing for cisco it hard to understand.
The security plus license does not include SSL VPN Client (AnyConnect) connection. That would only give you the IPSec VPN Client connection to the ASA.
The UC Proxy license would allow you to SSL directly from the phone towards the ASA firewall, no other client is required. If you are using soft phones from your computer, then VPN Client would work, however, if you are using hard phones then UC Proxy would be the way to go.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...