cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

1144
Views
0
Helpful
5
Replies
e.cormier
Beginner

79X5 VPN support on an IOS (or UC500) CME Router with certificates

I have a working 7965 VPN phone via an ASA5505 and 2811 CME router.  I would like to do 2 things.

1) Have the VPN Phone authentication via certificates. I don't want to enter a username and password everytime the phone powers up, I just want it to connect.  I can not find a document that provides clear instructions on how do that in a CME environment.

2) Have the phone VPN directly to the 2811 CME router. I can not find a document that provides clear instructions on this either.

I also undestand the VPN Phone support for the UC500 is on the roadmap but I think its still a few months away. This is really the end solution I am looking for.

Any help will be appreciated.

PS We are a Cisco Partner and have over 40 UC500 installations and this will be very helpful to our customer base.

5 REPLIES 5

UC500 support for 79xx phones with version 9.x phone loads supporting SSL VPN clients is not supported today.   Only the SPA525G.

Yes, I understand that. I made that point in my posting, hopefully someone else will reply to my 2 ques

tions. Thanks

I am sorry.

Hi

The answer to your second question where SSL VPN support directly to CME is not supported currently. The feature is SSL VPN DTLS and will be supported in CME 8.6 ( ETA March 2011).

Also for authentication we always recommend and have tested username / password based authentication for security purposes. Having said that only cert based authentication would work but we have not tested and hence do not have a sample guide.

Thanks

Mili

Thanks for the response, I look forward to CME 8.6 and guide.  On the certificate info, thanks again, if I figure out how to do it I will only charge a small fee to cisco for the sample guide.   Of course, if it becomes available, I would love to see it.