ACL Manager
Firewall Mode            Security Context
Routed    Transparent    Single    Multiple Context    Multiple System
•         —              •         —                   —

Client Firewall
Client Firewall allows you to choose a rule from AnyConnect SSL VPN or IPSec clients that have been defined in the device. You can set the rules for either IPv4 or IPv6. To manage the ACLs, click Manage for a list of existing IPsec client firewalls in the group policy editor.

Note
This feature requires an AnyConnect release that supports the Cisco Secure Mobility solution.

Fields
• Public Network Rule—Use the drop-down list to choose from the existing defined ACLs.
• Manage—Displays the ACL Manager dialog box, with which you can add, edit, and delete Access Control Lists (ACLs) and Extended Access Control Lists (ACEs).
• Private Network Rule—Use the drop-down list to choose from the existing defined ACLs.
• Manage—Displays the ACL Manager dialog box, with which you can add, edit, and delete Access Control Lists (ACLs) and Extended Access Control Lists (ACEs).

Modes
The following table shows the modes in which this feature is available:

Firewall Mode            Security Context
Routed    Transparent    Single    Multiple Context    Multiple System
•         —              •         —                   —

Key Regeneration
Rekey Negotiation occurs when the security appliance and the client perform a rekey and they renegotiate the crypto keys and initialization vectors, increasing the security of the connection.

Fields
• Renegotiation Interval—Uncheck the Unlimited check box to specify the number of minutes from the start of the session until the rekey takes place, from 1 to 10080 (1 week).
• Renegotiation Method—Check the None check box to disable rekey, check the SSL check box to specify SSL renegotiation during a rekey, or check the New Tunnel check box to establish a new tunnel during rekey.

Modes
The following table shows the modes in which this feature is available:

Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 64
General VPN Setup
OL-20339-01
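
An added example, not from the Cisco guide: a Python check that reads group-policy blocks from a saved ASA configuration and flags the Key Regeneration settings described above (rekey disabled, no renegotiation interval, or an interval outside 1 to 10080 minutes). The CLI keyword forms (`anyconnect ssl rekey`, older `svc rekey`), the policy names and the sample configuration are assumptions constructed for illustration.

```python
import re

# Constructed sample, not taken from a real device. Assumption: ASA CLI
# keywords "anyconnect ssl rekey" (older releases: "svc rekey").
SAMPLE_CONFIG = """\
group-policy Sales attributes
 webvpn
  anyconnect ssl rekey time 30
  anyconnect ssl rekey method new-tunnel
group-policy Contractors attributes
 webvpn
  anyconnect ssl rekey none
group-policy Legacy attributes
 webvpn
  svc rekey method ssl
"""
POLICY = re.compile(r"^group-policy (\S+) attributes\s*$")
REKEY = re.compile(r"^\s+(?:anyconnect ssl|svc) rekey "
                   r"(?:time (\d+)|method (ssl|new-tunnel)|(none))\s*$")

def audit_rekey(config):
    """Map each group policy to its rekey findings (clean policies omitted)."""
    policies, current = {}, None
    for line in config.splitlines():
        header = POLICY.match(line)
        if header:
            current = policies.setdefault(header[1], {"time": None, "method": None})
        elif not line.startswith(" "):
            current = None  # any other top-level line ends the block
        elif current is not None and (m := REKEY.match(line)):
            if m.group(1):
                current["time"] = int(m.group(1))
            else:
                current["method"] = m.group(2) or "none"
    findings = {}
    for name, p in policies.items():
        issues = []
        if p["method"] == "none":
            issues.append("rekey disabled")
        else:
            if p["method"] is None:
                issues.append("no rekey method set in this policy")
            if p["time"] is None:
                issues.append("no renegotiation interval set in this policy")
            elif not 1 <= p["time"] <= 10080:  # range given in the field text
                issues.append("interval outside 1-10080 minutes")
        if issues:
            findings[name] = issues
    return findings
```

A setting reported as not set in a policy may still be inherited from another group policy, so treat those findings as prompts to check the effective value.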