Cisco ASA 5505 Configuration Manual page 70

New Features
Table 1-4 New Features for ASDM Version 6.3(1)/ASA Version 8.3(1) (Unless Otherwise Noted) (continued)
Feature
IPv6 support for IKEv1
LAN-to-LAN VPN
connections
Plug-in for AnyConnect
Profile Editor
SSL VPN Portal
Customization Editor
Cisco ASA 5500 Series Configuration Guide using ASDM
1-8
Description
For LAN-to-LAN connections using mixed IPv4 and IPv6 addressing, or all IPv6 addressing,
the adaptive security appliance supports VPN tunnels if both peers are Cisco ASA 5500 series
adaptive security appliances, and if both inside networks have matching addressing schemes
(both IPv4 or both IPv6).
Specifically, the following topologies are supported when both peers are Cisco ASA 5500
series adaptive security appliances:
The adaptive security appliances have IPv4 inside networks and the outside network is
•
IPv6 (IPv4 addresses on the inside interfaces and IPv6 addresses on the outside interfaces).
The adaptive security appliances have IPv6 inside networks and the outside network is
•
IPv4 (IPv6 addresses on the inside interface and IPv4 addresses on the outside interfaces).
The adaptive security appliances have IPv6 inside networks and the outside network is
•
IPv6 (IPv6 addresses on the inside and outside interfaces).
The defect CSCtd38078 currently prevents the Cisco ASA 5500 series from connecting
Note
to a Cisco IOS device as the peer device of a LAN-to-LAN connection.
The following screens were modified or introduced:
Wizards > IPsec VPN Wizard, Configuration > Site-to-Site VPN > Connection Profiles
Configuration > Site-to-Site VPN > Connection Profiles > Basic > Add IPsec Site-to-Site
Connection Profile
Configuration > Site-to-Site VPN > Group Policies
Configuration > Site-to-Site VPN > Group Policies > Edit Internal Group Policy
Configuration > Site-to-Site VPN > Advanced > Crypto Maps
Configuration > Site-to-Site VPN > Advanced > Crypto Maps > Add > Create IPsec Rule
Configuration > Site-to-Site VPN > Advanced > ACL Manager
The AnyConnect Profile Editor is a convenient GUI-based configuration tool you can use to
configure the AnyConnect 2.5 or later client profile, an XML file containing settings that
control client features. Previously, you could only change profile settings manually by editing
the XML tags in the profile file. The AnyConnect Profile Editor is a plug-in binary file named
anyconnectprof.sgz packaged with the ASDM image and installed in the root directory of
disk0:/ in the flash memory on the adaptive security appliance. This design allows you to
update the editor to be compatible with new AnyConnect features available in new client
releases.
You can rebrand and customize the screens presented to clientless SSL VPN users using the
new Edit Customization Object window in ASDM. You can customize the logon, portal and
logout screens, including corporate logos, text messages, and the general layout. Previously,
the customization feature was embedded in the adaptive security appliance software image.
Moving it to ASDM provides greater usability for this feature and future enhancements.
The following screen was modified: Configuration > Remote Access VPN > Clientless SSL
VPN Access > Portal > Customization.
Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance
OL-20339-01