Cisco Unified Communications Manager Security Guide, Release 8.0(1)
VPN Feature Configuration
Downloads: This chapterpdf (PDF - 340.0 KB) The complete bookPDF (PDF - 2.63 MB) | Feedback

VPN Feature Configuration

Table Of Contents

VPN Feature Configuration


VPN Feature Configuration Parameters

VPN Feature Configuration

This chapter describes the VPN feature configuration parameters and includes the following section:


VPN Feature Configuration Parameters


The VPN Feature Configuration window contains the common configuration settings for the VPN feature that the system uses when you do not associate a VPN Profile with a Common Phone Profile. If you define a VPN Profile as part of configuring a Common Phone Profile, the VPN Profile settings take precedence over the VPN Feature Configuration settings.

VPN Feature Configuration Parameters

To edit the VPN feature configuration parameters, follow this procedure:

Step 1 In Cisco Unified Communications Manager Administration, choose Advanced Features > VPN > VPN Feature Configuration.

The VPN Feature Configuration Window Displays.

Step 2 Accept the suggested values or enter a new value, as described in Table 19-1.

Step 3 Click Save.

Table 19-1 VPN Feature Configuration Parameters 


Enable Auto Network Detect

When True, the VPN client can only run when it detects that it is out of the corporate network.

Default: False


This field specifies the maximum transmission unit:

Default: 1290 bytes

Minimum: 256 bytes

Maximum: 1406 bytes

Keep Alive

This field specifies the rate at which the system sends the keep-alive message.

Note If it is non-zero and less than the value specified in Cisco Unified Communications Manager, the keep-alive setting in the VPN concentrator overwrites this setting.

Default: 60 seconds

Minimum: 0

Maximum: 120 seconds

Fail to Connect

This field specifies the amount of time to wait for log-in or connect operations to complete while the system creates the VPN tunnel.

Default: 30 seconds

Minimum: 0

Maximum: 600 seconds

Client Authentication Method

From the drop-down list, choose the client authentication method:

User and password

Password only

Certificate (LSC or MIC)

Default: User And Password

Enable Password Persistence

When True, a user password gets saved in the phone until either a failed log-in attempt occurs, a user manually clears the password, or the phone resets or loses power.

Default: False

Enable Host ID Check

When True, the gateway certificate subjectAltName or CN must match the URL to which the VPN client is connected.

Default: True