Cisco ASA 5505 Configuration Manual page 1274

VPN Wizard
•
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
Client Authentication
Use the Client Authentication pane to select the method by which the adaptive security appliance
authenticates remote users.
Fields
Select one of the following options:
•
•
•
•
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
Cisco ASA 5500 Series Configuration Guide using ASDM
62-10
Certificate Signing Algorithm—Displays the algorithm for signing digital certificates, rsa-sig
–
for RSA.
– Challenge/response authentication (CRACK)—Provides strong mutual authentication when the
client authenticates using a popular method such as RADIUS and the server uses public key
authentication. The security appliance supports CRACK as an IKE option in order to
authenticate the Nokia VPN Client on Nokia 92xx Communicator Series devices.
Name—Type a name to create the record that contains tunnel connection policies for this IPsec
connection. A connection policy can specify authentication, authorization, and accounting servers,
a default group policy, and IKE attributes. A connection policy that you configure with this VPN
wizard specifies an authentication method, and uses the adaptive security appliance Default Group
Policy.
Security Context
Transparent Single
— •
Authenticate using the local user database—Click to use authentication internal to the adaptive
security appliance. Use this method for environments with a small, stable number of users. The next
pane lets you create accounts on the adaptive security appliance for individual users.
Authenticate using an AAA server group—Click to use an external server group for remote user
authentication.
AAA Server Group Name—Choose a AAA server group configured previously.
New ...—Click to configure a new AAA server group.
Security Context
Transparent Single
—
•
Multiple
Context System
— —
Multiple
Context System
— —
Chapter 62 VPN
OL-20339-01