Cisco Unified Communications Manager Security Guide, Release 9.0(1)
VPN profile setup
Downloads: This chapterpdf (PDF - 354.0KB) The complete bookPDF (PDF - 3.67MB) | Feedback

VPN profile setup

VPN profile setup

This chapter provides information about VPN profile setup.


Note


The VPN menu and its options are not available in the U.S. export unrestricted version of Cisco Unified Communications Manager.


About VPN profile setup

Use the VPN Profile window to create a profile that you assign to the Cisco Unified IP Phone by using the Common Phone Profile Configuration window.

Find VPN profile

To find a VPN profile, perform the following procedure:

Procedure
    Step 1   In Cisco Unified Communications Manager Administration, choose Advanced Features > VPN > VPN Profile.

    The Find and List VPN Profiles window displays. Records from an active (prior) query may also display in the window.

    Step 2   To find all records in the database, ensure the dialog box is empty; go to Step 3.

    To filter or search records

    1. From the first drop-down list box, choose a search parameter.
    2. From the second drop-down list box, choose a search pattern.
    3. Specify the appropriate search text, if applicable.
      Note   

      To add additional search criteria, click the + button. When you add criteria, the system searches for a record that matches all criteria that you specify. To remove criteria, click the button to remove the last added criterion or click the Clear Filter button to remove all added search criteria.

    Step 3   Click Find.

    All matching records display. You can change the number of items that display on each page by choosing a different value from the Rows per Page drop-down list box.

    Step 4   From the list of records that display, click the link for the record that you want to view.
    Note   

    To reverse the sort order, click the up or down arrow, if available, in the list header.

    The window displays the item that you choose.


    Set up VPN profile

    To add, update, or copy a VPN profile, perform the following procedure:

    Procedure
      Step 1   In Cisco Unified Communications Manager Administration, choose Advanced Features > VPN > VPN Profile.
      Step 2   Perform one of the following tasks:
      1. To add a new profile, click Add New in the Find window and continue with VPN profile setup.
      2. To copy an existing profile, locate the appropriate profile and click the Copy button next to the VPN profile that you want to copy, then continue with VPN profile setup.
      3. To update an existing profile, locate the appropriate VPN profile and continue with VPN profile setup.

        When you click Add New, the configuration window displays with the default settings for each field. When you click Copy, the configuration window displays with the copied settings.

      Step 3   Enter the appropriate settings as described in Table 1.
      Step 4   Click Save.

      Related Tasks

      VPN profile configuration settings

      The following table provides descriptions for the VPN profile configuration settings.

      Table 1 VPN Profile Configuration Settings

      Field

      Definition

      Name

      Enter a name for the VPN profile.

      Description

      Enter a description for the VPN profile.

      Enable Auto Network Detect

      When you check this check box, the VPN client can only run when it detects that it is out of the corporate network.

      Default: Disabled.

      MTU

      Enter the size, in bytes, for the Maximum Transmission Unit (MTU).

      Default: 1290 bytes.

      Fail to Connect

      This field specifies the amount of time to wait for log-in or connect operations to complete while the system creates the VPN tunnel.

      Default: 30 seconds

      Enable Host ID Check

      When you check this check box, the gateway certificate subjectAltName or CN must match the URL to which the VPN client is connected.

      Default: Enabled

      Client Authentication Method

      From the drop-down list, choose the client authentication method:

      • User and password
      • Password only
      • Certificate (LSC or MIC)

      Enable Password Persistence

      When you check this check box, a user password gets saved in the phone until either a failed log-in attempt occurs, a user manually clears the password, or the phone resets or loses power.