I have a working 7965 VPN phone via an ASA5505 and 2811 CME router. I would like to do 2 things.
1) Have the VPN Phone authentication via certificates. I don't want to enter a username and password everytime the phone powers up, I just want it to connect. I can not find a document that provides clear instructions on how do that in a CME environment.
2) Have the phone VPN directly to the 2811 CME router. I can not find a document that provides clear instructions on this either.
I also undestand the VPN Phone support for the UC500 is on the roadmap but I think its still a few months away. This is really the end solution I am looking for.
Any help will be appreciated.
PS We are a Cisco Partner and have over 40 UC500 installations and this will be very helpful to our customer base.
The answer to your second question where SSL VPN support directly to CME is not supported currently. The feature is SSL VPN DTLS and will be supported in CME 8.6 ( ETA March 2011).
Also for authentication we always recommend and have tested username / password based authentication for security purposes. Having said that only cert based authentication would work but we have not tested and hence do not have a sample guide.
Thanks for the response, I look forward to CME 8.6 and guide. On the certificate info, thanks again, if I figure out how to do it I will only charge a small fee to cisco for the sample guide. Of course, if it becomes available, I would love to see it.