This document describes how to establish IPsec connectivity between the Cisco Unified Communications Manager (CUCM) nodes within a cluster.
Cisco recommends that you have knowledge of the CUCM.
The information in this document is based on the CUCM Version 10.5(1).
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Use the information that is described in this section in order to configure the CUCM and establish IPsec connectivity between the nodes in a cluster.
Here are the steps that are involved in this procedure, each of which is detailed in the sections that follow:
Complete these steps in order to verify the IPsec connectivity between the nodes:
If there is no IPsec connectivity, then you see results similar to this:
Complete these steps in order to check the IPsec certificates:
In order to enable IPsec connectivity, you must have an IPsec certificate from one node set as an ipsec-trust certificate on the other node:
Complete these steps in order to download the IPsec root certificate from the Subscriber node:
Complete these steps in order to upload the IPsec root certificate from the Subscriber node to the Publisher node:
Complete these steps in order to configure the IPsec policy:
*****
PUBLISHER : 10.106.122.155 & cucm912pub.pem
SUBSCRIBER: 10.106.122.15 & cucm10sub.pem
*****
Complete these steps in order to verify that your configuration works and that the IPsec connectivity between the nodes is established:
If the IPsec connectivity has been established, then you see a message similar to this:
There is currently no specific troubleshooting information available for this configuration.
Revision | Publish Date | Comments |
---|---|---|
1.0 |
21-Apr-2015
|
Initial Release |