Table of Contents
Advertisement
Chapter 21
Cisco IOS SSL VPN
Dead Peer Detection Timeouts
Configure DNS and WINS servers Button
Configure Advanced Tunnel Options Button
Advanced Tunnel Options
Split Tunneling
OL-4015-12
Dead Peer Detection (DPD) allows a system to detect a peer that is no longer
responding. You can set separate timeouts that the router can use to detect clients
that are no longer responding, and servers that are no longer responding. The
range for both is from 0 to 3600 seconds.
Click to display the DNS and WINS Servers dialog, which allows you to provide
the IP addresses of the DNS and WINS servers on the corporate intranet that
clients should use when accessing intranet hosts and services.
Click to display the Advanced Tunnel Options dialog, which allows you to
configure tunnel settings for split tunneling, split DNS, and proxy server settings
for clients using Microsoft Internet Explorer.
The settings that you make in this dialog allow you to control the traffic that is
encrypted, specify the DNS servers on the corporate intranet, and specify the
proxy server settings that are to be sent to client browsers.
Encrypting all tunnel traffic may take excessive system resources. Split tunneling
allows you to specify the networks whose traffic should be encrypted, and exempt
traffic destined for other networks from encryption. You can either specify which
tunnel traffic is to be encrypted or you can specify the traffic that is not to be
encrypted and allow the router to encrypt all other tunnel traffic. You can only
build one list; included and excluded traffic are mutually exclusive.
Click Include traffic and use the Add, Edit, and Delete keys to build a list of
destination networks whose traffic is to be encrypted. Or, click Exclude traffic
and build a list of the destination networks whose traffic is not to be encrypted.
Click Exclude Local LANs to explicitly exclude from encryption client traffic
destined for LANs that the router is connected to. If there are networked printers
on these LANs, you must use this option.
Cisco Router and Security Device Manager 2.5 User's Guide
Editing SSL VPN Connections
21-31
Advertisement
Table of Contents
Troubleshooting
