cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.
Get the latest news in this issue of the Cisco Small Business Monthly Newsletter

1112
Views
0
Helpful
5
Replies
Highlighted
Beginner

79X5 VPN support on an IOS (or UC500) CME Router with certificates

I have a working 7965 VPN phone via an ASA5505 and 2811 CME router.  I would like to do 2 things.

1) Have the VPN Phone authentication via certificates. I don't want to enter a username and password everytime the phone powers up, I just want it to connect.  I can not find a document that provides clear instructions on how do that in a CME environment.

2) Have the phone VPN directly to the 2811 CME router. I can not find a document that provides clear instructions on this either.

I also undestand the VPN Phone support for the UC500 is on the roadmap but I think its still a few months away. This is really the end solution I am looking for.

Any help will be appreciated.

PS We are a Cisco Partner and have over 40 UC500 installations and this will be very helpful to our customer base.

5 REPLIES 5
Highlighted

UC500 support for 79xx phones with version 9.x phone loads supporting SSL VPN clients is not supported today.   Only the SPA525G.

Highlighted

Yes, I understand that. I made that point in my posting, hopefully someone else will reply to my 2 ques

tions. Thanks

Highlighted

I am sorry.

Highlighted

Hi

The answer to your second question where SSL VPN support directly to CME is not supported currently. The feature is SSL VPN DTLS and will be supported in CME 8.6 ( ETA March 2011).

Also for authentication we always recommend and have tested username / password based authentication for security purposes. Having said that only cert based authentication would work but we have not tested and hence do not have a sample guide.

Thanks

Mili

Highlighted

Thanks for the response, I look forward to CME 8.6 and guide.  On the certificate info, thanks again, if I figure out how to do it I will only charge a small fee to cisco for the sample guide.   Of course, if it becomes available, I would love to see it.