Cisco ASA Series Cli Configuration Manual page 1642
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Configuring Connection Profiles
Configuring Remote-Access Connection Profiles
Use a remote-access connection profile when setting up a connection between the following remote
clients and a central-site ASA:
We also provide a default group policy named DfltGrpPolicy.
To configure an remote-access connection profile, first configure the tunnel-group general attributes,
then the remote-access attributes. See the following sections:
•
•
•
•
•
Specifying a Name and Type for the Remote Access Connection Profile
Create the connection profile, specifying its name and type, by entering the tunnel-group command. For
an remote-access tunnel, the type is remote-access:
hostname(config)# tunnel-group tunnel_group_name type remote-access
hostname(config)#
For example, to create an remote-access connection profile named TunnelGroup1, enter the following
command:
hostname(config)# tunnel-group TunnelGroup1 type remote-access
hostname(config)#
Configuring Remote-Access Connection Profile General Attributes
To configure or change the connection profile general attributes, specify the parameters in the following
steps:
Step 1
To configure the general attributes, enter the tunnel-group general-attributes task in either single or
multiple context mode, which enters tunnel-group general-attributes configuration mode. The prompt
changes to indicate the change in mode.
hostname(config)# tunnel-group tunnel_group_name general-attributes
hostname(config-tunnel-general)#
Step 2
Specify the name of the authentication-server group, if any, to use. If you want to use the LOCAL
database for authentication if the specified server group fails, append the keyword LOCAL:
hostname(config-tunnel-general)# authentication-server-group [(interface_name)] groupname
[LOCAL]
hostname(config-tunnel-general)#
Cisco ASA Series CLI Configuration Guide
1-8
–
Legacy Cisco VPN Client (connecting with IPsec/IKEv1)
–
AnyConnect Secure Mobility Client (connecting with SSL or IPsec/IKEv2)
–
Clientless SSL VPN (browser-based connecting with SSL)
–
Cisco ASA 5500 Easy VPN hardware client (connecting with IPsec/IKEv1)
–
Cisco VPM 3002 hardware client (connecting with IPsec/IKEv1)
Specifying a Name and Type for the Remote Access Connection Profile, page
Configuring Remote-Access Connection Profile General Attributes, page
Configuring Double Authentication, page 70-12
Configuring Remote-Access Connection Profile IPsec IKEv1 Attributes, page
Configuring IPsec Remote-Access Connection Profile PPP Attributes, page 70-16
Chapter 1
Configuring Connection Profiles, Group Policies, and Users
70-8.
70-8.
70-14.
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
