Default Group Policy - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 30
Configuring Tunnel Groups, Group Policies, and Users
•
•
•
•
•
•
•
•
Default Group Policy
The security appliance supplies a default group policy. You can modify this default group policy, but you
cannot delete it. A default group policy, named DfltGrpPolicy, always exists on the security appliance,
but this default group policy does not take effect unless you configure the security appliance to use it.
When you configure other group policies, any attribute that you do not explicitly specify takes its value
from the default group policy. To view the default group policy, enter the following command:
hostname(config)# show running-config all group-policy DfltGrpPolicy
hostname(config)#
To configure the default group policy, enter the following command:
hostname(config)# group-policy DfltGrpPolicy internal
hostname(config)#
The default group policy is always internal. Despite the fact that the command syntax is
Note
hostname(config)# group-policy DfltGrpPolicy
to external.
To change any of the attributes of the default group policy, use the group-policy attributes command
to enter attributes mode, then specify the commands to change whatever attributes that you want to
modify:
hostname(config)# group-policy DfltGrpPolicy attributes
The attributes mode applies only to internal group policies.
Note
The default group policy, DfltGrpPolicy, that the security appliance provides is as follows:
group-policy DfltGrpPolicy internal
group-policy DfltGrpPolicy attributes
banner none
wins-server none
dns-server none
dhcp-network-scope none
vpn-access-hours none
vpn-simultaneous-logins 2000
vpn-idle-timeout none
vpn-session-timeout none
vpn-filter none
OL-10088-01
Client firewall settings
Tunneling protocols
IPSec settings
Hardware client settings
Filters
Client configuration settings
WebVPN functions
Connection settings
{
|
internal
external
Cisco Security Appliance Command Line Configuration Guide
Group Policies
}, you cannot change the type
30-31
Advertisement
Table of Contents
Troubleshooting
