Chapter 65
Configuring Dynamic Access Policies
Client Type (Application)—Indicate the type of remote access connection, AnyConnect, Clientless,
•
Cut-through Proxy, IPsec, or L2TP.
•
Checksum (File)—Select the file and click the Compute Checksum button to arrive at this value.
Compute CRC32 Checksum (File)—Use this calculator to determine the checksum value of a file.
•
Posture Status (NAC)—Contains the posture token string received from ACS.
•
OS Version (Operating System)—Windows (various), MAC, Linux, Pocket PC.
•
Service Pack (Operating System)—Identify the service pack for the operating system.
•
Endpoint ID (File, Process, Registry)—A string that identifies an endpoint for files, processes or
•
registry entries. DAP uses this ID to match Cisco Secure Desktop host scan attributes for DAP
selection. You must configure Host Scan before you configure this attribute. When you configure
Host Scan, the configuration displays in this pane, so you can select it, reducing the possibility of
errors in typing or syntax.
Path (Process, Policy)—Configure Host Scan before you configure this attribute. When you
•
configure Host Scan, the configuration displays in this pane, so you can select it, reducing the
possibility of errors in typing or syntax.
Value (Registry)—dword or string
•
Caseless (Registry)—Select to disregard case in registry entries.
•
VLAN ID (VLAN)—A valid 802.1q number ranging from 1 to 4094
•
VLAN Type (VLAN)—Possible values include the following:
•
ACCESS
STATIC
TIMEOUT
AUTH
GUEST
QUARANTINE
ERROR
Policy (Location)—Enter the Cisco Secure Desktop Microsoft Windows location profile, case
•
sensitive.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
OL-20339-01
Posture assessment passed
No posture assessment applied
Posture assessment failed due to no response
Posture assessment still active
Posture assessment passed, switch to guest VLAN
Posture assessment failed, switch to quarantine VLAN
Posture assessment failed due to fatal error
Security Context
Transparent Single
•
•
Multiple
Context
System
—
—
Cisco ASA 5500 Series Configuration Guide using ASDM
Understanding VPN Access Policies
65-21