Chapter 21
Cisco IOS SSL VPN
Cisco IOS SSL VPN Contexts
Cisco IOS SSL VPN Gateways
OL-4015-12
• One Cisco IOS SSL VPN context can support multiple group policies.
• Each context must have one associated gateway.
• One gateway can support multiple contexts.
• If there is more than one group policy on the router, a AAA server must be used for authentication.
A Cisco IOS SSL VPN context identifies resources needed to support SSL VPN
tunnels between remote clients and a corporate or private intranet, and supports
one or more group policies. A Cisco IOS SSL VPN context provides the
following resources:
• An associated Cisco IOS SSL VPN gateway, which provides an IP address that clients can reach and a certificate used to establish a secure connection.
• Means for authentication. You can authenticate users locally, or by using AAA servers.
• The HTML display settings for the portal that provides links to network resources.
• Port forwarding lists that enable the use of Thin Client applets on remote clients. Each list should be configured for use in a specific group policy.
• URL lists that contain links to resources in the corporate intranet. Each list should be configured for use in a specific group policy.
• NetBIOS Name Server lists. Each list should be configured for use in a specific group policy.
These resources are available when configuring Cisco IOS SSL VPN group
policies.
A Cisco IOS SSL VPN context can support multiple group policies. A Cisco IOS
SSL VPN context can be associated with only one gateway.
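The relationships described above, written out as an IOS CLI configuration. This is an added example, not taken from the guide: every name, address and host in it is constructed, and it assumes the trustpoint SSLVPN_TP and a RADIUS server are already defined on the router.

```cisco
! Constructed example: all names, addresses and hosts are placeholders.
aaa new-model
aaa authentication login SSLVPN_AUTH group radius
!
! Gateway: the reachable IP address and the certificate (trustpoint).
webvpn gateway GW_1
 ip address 192.0.2.10 port 443
 ssl trustpoint SSLVPN_TP
 inservice
!
webvpn context CTX_1
 ! Resource lists are defined once, at the context level ...
 url-list "eng-links"
  heading "Engineering"
  url-text "Wiki" url-value "http://wiki.example.com"
 !
 url-list "sales-links"
  heading "Sales"
  url-text "CRM" url-value "http://crm.example.com"
 !
 port-forward "eng-ports"
  local-port 30022 remote-server "build.example.com" remote-port 22 description "SSH"
 !
 nbns-list "corp-nbns"
  nbns-server 192.0.2.53 master
 !
 ! ... and each group policy references only the lists intended for it.
 policy group ENGINEERING
  url-list "eng-links"
  port-forward "eng-ports"
  nbns-list "corp-nbns"
 !
 policy group SALES
  url-list "sales-links"
 !
 default-group-policy SALES
 ! More than one group policy, so authentication uses a AAA server.
 aaa authentication list SSLVPN_AUTH
 ! A context is associated with exactly one gateway.
 gateway GW_1 domain corp
 inservice
```

When reviewing a running configuration, check that no policy group references a list meant for another group, since the lists are what expose intranet resources to that group's users.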
A Cisco IOS SSL VPN gateway provides a reachable IP address and certificate
for one or more Cisco IOS SSL VPN contexts. Each gateway configured on a
router must be configured with its own IP address; IP addresses cannot be shared
among gateways. It is possible to use the IP address of a router interface, or
Cisco Router and Security Device Manager 2.5 User's Guide
Additional Help Topics