Cisco Unified Communications Manager Security Guide, Release 8.0(2)
VPN Feature Configuration
Download this chapter
VPN Feature ConfigurationVPN Feature Configuration
Download the complete book
Cisco Unified Communications Manager Security Guide, Release 8.0(2)Cisco Unified Communications Manager Security Guide, Release 8.0(2) (PDF - 5 MB)
 Feedback

Table Of Contents

VPN Feature Configuration

Overview

VPN Feature Configuration Parameters


VPN Feature Configuration

This chapter describes the VPN feature configuration parameters and includes the following section:

Overview

VPN Feature Configuration Parameters

Overview

The VPN Feature Configuration window contains the common configuration settings for the VPN feature that the system uses when you do not associate a VPN Profile with a Common Phone Profile. If you define a VPN Profile as part of configuring a Common Phone Profile, the VPN Profile settings take precedence over the VPN Feature Configuration settings.

VPN Feature Configuration Parameters

To edit the VPN feature configuration parameters, follow this procedure:

Step 1 In Cisco Unified Communications Manager Administration, choose Advanced Features > VPN > VPN Feature Configuration.

The VPN Feature Configuration Window Displays.

Step 2 Accept the suggested values or enter a new value, as described in Table 19-1.

Step 3 Click Save.

Table 19-1 VPN Feature Configuration Parameters 

Field
Default

Enable Auto Network Detect

When True, the VPN client can only run when it detects that it is out of the corporate network.

Default: False

MTU

This field specifies the maximum transmission unit:

Default: 1290 bytes

Minimum: 256 bytes

Maximum: 1406 bytes

Keep Alive

This field specifies the rate at which the system sends the keep-alive message.

Note If it is non-zero and less than the value specified in Cisco Unified Communications Manager, the keep-alive setting in the VPN concentrator overwrites this setting.

Default: 60 seconds

Minimum: 0

Maximum: 120 seconds

Fail to Connect

This field specifies the amount of time to wait for log-in or connect operations to complete while the system creates the VPN tunnel.

Default: 30 seconds

Minimum: 0

Maximum: 600 seconds

Client Authentication Method

From the drop-down list, choose the client authentication method:

User and password

Password only

Certificate (LSC or MIC)

Default: User And Password

Enable Password Persistence

When True, a user password gets saved in the phone until either a failed log-in attempt occurs, a user manually clears the password, or the phone resets or loses power.

Default: False

Enable Host ID Check

When True, the gateway certificate subjectAltName or CN must match the URL to which the VPN client is connected.

Default: True