Cisco ASA 5505 Configuration Manual page 1359

Chapter 64 General VPN Setup
•
•
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
Setting the Basic Attributes for an SSL VPN Connection
To set the basic attributes for an SSL VPN connection, choose Add or Edit in the Connection Profiles
section. The Add (or Edit) SSL VPN Connection > Basic dialog box opens.
Fields
Set the attributes in the Add SSL VPN Connection > Basic dialog box as follows:
•
•
•
OL-20339-01
Access Port—Specify the port for SSL VPN client connections. The default value is 443.
–
DTLS Port—Specify the port for DTLS connections. The default value is 443.
–
Login Page Setting—Allow the user to select a connection profile, identified by its alias, on the login
page. If you do not check this check box, the default connection profile is DefaultWebVPNGroup.
Connection Profiles—Configure protocol-specific attributes for connections (tunnel groups).
Add/Edit—Click to Add or Edit a Connection Profile (tunnel group).
–
Name—The name of the Connection Profile.
–
Aliases—Other names by which the Connection Profile is known.
–
SSL VPN Client Protocol—Specifies whether SSL VPN client have access.
–
Group Policy—Shows the default group policy for this Connection Profile.
–
Allow user to select connection, identified by alias in the table above, at login page—Check to
–
enable the display of Connection Profile (tunnel group) aliases on the Login page.
Security Context
Transparent Single
—
•
Name—For Add, specify the name of the connection profile you are adding. For Edit, this field is
not editable.
Aliases—(Optional) Enter one or more alternative names for the connection. You can spaces or
punctuation to separate the names.
Authentication—Choose one of the following methods to use to authenticate the connection and
specify a AAA server group to use in authentication.
AAA, Certificate, or Both—Select the type of authentication to use: AAA, Certificate, or Both.
–
If you choose either Certificate or Both, the user must provide a certificate in order to connect.
AAA Server Group—Choose a AAA server group from the drop-down list. The default setting
–
is LOCAL, which specifies that the adaptive security appliance handles the authentication.
Before making a selection, you can click Manage to open a dialog box over this dialog box to
view or make changes to the adaptive security appliance configuration of AAA server groups.
Choosing something other than LOCAL makes available the Use LOCAL if Server Group Fails
–
check box.
Multiple
Context System
— —
Cisco ASA 5500 Series Configuration Guide using ASDM
Configuring SSL VPN Connections
64-49