Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2648
Views
0
Helpful
3
Replies

SSL vs. UC Proxy

christophersullivan
Level 1
Level 1

‎05-31-2012 07:42 AM

Hello,

I work for a company that has remote users around the country and we wanted to deploy cisco phones to each of them. We have a 5510 ASA and were able to purchase a AnyConnect VPN license however, by default the ASA only has 2 SSL connections (for admin I believe). I was thinking that a SSL license would cover the rest of the employees however I was told that the UC Proxy would do it. I do not want to purchase the wrong thing but it would seem like we would need more SSL licenses because we are able to have 2 phones connected. Please help, I am somewhat new to the ASA security aspect. Thank you.

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎05-31-2012 08:13 PM

If you purchase AnyConnect VPN license, that would give you the ability to create VPN tunnel and access company resources, and at the same time connect phones as well.

With UC Proxy, you only have the ability to connect to phones, but no VPN functionality.

If you do not require VPN at all, then UC Proxy, however, if you require both phones and VPN access, then AnyConnect VPN license would be the way to go.

Please also be advised that it is slightly complicated to configure UC feature on ASA, and please also check the limitation and configuration guide on this feature:

www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/unified_comm.html

0 Helpful

christophersullivan
Level 1
Level 1
In response to Jennifer Halim

‎06-01-2012 06:56 AM

Thank you for your reply. We already have the security plus license VPN for our data traffic but the new license is going towards our VoIP phones. The remote users will be using the cisco IP phone 7942 using a SSL connection.

From what I am reading, because we already have a VPN in place, the IC Proxy would work for just the phones? Sorry about this, the licensing for cisco it hard to understand.

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to christophersullivan

‎06-01-2012 07:54 PM

The security plus license does not include SSL VPN Client (AnyConnect) connection. That would only give you the IPSec VPN Client connection to the ASA.

The UC Proxy license would allow you to SSL directly from the phone towards the ASA firewall, no other client is required. If you are using soft phones from your computer, then VPN Client would work, however, if you are using hard phones then UC Proxy would be the way to go.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents