Cisco Unified Communications Manager Security Guide, Release 8.6(1)
VPN Feature Configuration
Downloads: This chapterpdf (PDF - 342.0 KB) The complete bookPDF (PDF - 6.02 MB) | Feedback

Table Of Contents

VPN Feature Configuration


VPN Feature Configuration Parameters

VPN Feature Configuration

Note The VPN menu and its options are not available in the U.S. export unrestricted version of Cisco Unified Communications Manager.

This chapter describes the VPN feature configuration parameters and includes the following section:


VPN Feature Configuration Parameters


The VPN Feature Configuration window contains the common configuration settings for the VPN feature that the system uses when you do not associate a VPN Profile with a Common Phone Profile. If you define a VPN Profile as part of configuring a Common Phone Profile, the VPN Profile settings take precedence over the VPN Feature Configuration settings.

VPN Feature Configuration Parameters

To edit the VPN feature configuration parameters, follow this procedure:

Step 1 In Cisco Unified Communications Manager Administration, choose Advanced Features > VPN > VPN Feature Configuration.

The VPN Feature Configuration Window Displays.

Step 2 Accept the suggested values or enter a new value, as described in Table 21-1.

Step 3 Click Save.

Table 21-1 VPN Feature Configuration Parameters 


Enable Auto Network Detect

When True, the VPN client can only run when it detects that it is out of the corporate network.

Default: False


This field specifies the maximum transmission unit:

Default: 1290 bytes

Minimum: 256 bytes

Maximum: 1406 bytes

Keep Alive

This field specifies the rate at which the system sends the keep-alive message.

Note If it is non-zero and less than the value specified in Cisco Unified Communications Manager, the keep-alive setting in the VPN concentrator overwrites this setting.

Default: 60 seconds

Minimum: 0

Maximum: 120 seconds

Fail to Connect

This field specifies the amount of time to wait for log-in or connect operations to complete while the system creates the VPN tunnel.

Default: 30 seconds

Minimum: 0

Maximum: 600 seconds

Client Authentication Method

From the drop-down list, choose the client authentication method:

User and password

Password only

Certificate (LSC or MIC)

Default: User And Password

Enable Password Persistence

When True, a user password gets saved in the phone until either a failed log-in attempt occurs, a user manually clears the password, or the phone resets or loses power.

Default: False

Enable Host ID Check

When True, the gateway certificate subjectAltName or CN must match the URL to which the VPN client is connected.

Default: True