Cisco ASA 5505 Configuration Manual page 1277
Asa 5500 series
Hide thumbs
Also See for ASA 5505:
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages) ,
- Hardware installation manual (82 pages)
Table of Contents
Advertisement
Chapter 62
VPN
Attributes Pushed to Client
Use the Attributes Pushed to Client (Optional) pane to have the adaptive security appliance pass
information about DNS and WINS servers and the default domain name to remote access clients.
Fields
Provide information for remote access clients to use.
•
•
•
•
•
•
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
IPsec Settings (Optional)
Use the IPsec Settings (Optional) pane to identify local hosts/networks which do not require address
translation. By default, the adaptive security appliance hides the real IP addresses of internal hosts and
networks from outside hosts by using dynamic or static Network Address Translation (NAT). NAT
minimizes risks of attack by untrusted outside hosts, but may be improper for those who have been
authenticated and protected by VPN.
For example, an inside host using dynamic NAT has its IP address translated by matching it to a
randomly selected address from a pool. Only the translated address is visible to the outside. Remote VPN
clients that attempt to reach these hosts by sending data to their real IP addresses cannot connect to these
hosts, unless you configure a NAT exemption rule.
If you want all hosts and networks to be exempt from NAT, configure nothing on this pane. If you have
Note
even one entry, all other hosts and networks are subject to NAT.
Fields
•
OL-20339-01
Tunnel Group—Displays the name of the connection policy to which the address pool applies. You
set this name in the VPN Client Name and Authentication Method pane.
Primary DNS Server—Type the IP address of the primary DNS server.
Secondary DNS Server—Type the IP address of the secondary DNS server.
Primary WINS Server—Type the IP address of the primary WINS server.
Secondary WINS Server— Type the IP address of the secondary WINS server.
Default Domain Name—Type the default domain name.
Security Context
Transparent Single
—
•
Host/Network to Be Added—Complete these fields to exempt a particular host or network from
NAT.
Interface—Select the name of the interface that connects to the hosts or networks you have
–
selected.
Multiple
Context
System
—
—
Cisco ASA 5500 Series Configuration Guide using ASDM
VPN Wizard
62-13
- Quick Links:
- Starting Asdm
- Downloading the Asdm Launcher
Hide quick links:
Advertisement
Chapters
Table of Contents
