Support User Manuals

Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

29-21

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 29 Managing Remote Access VPNs: The Basics

Using the Remote Access VPN Configuration Wizard

Field Reference

Table 29-4 Create User Group Wizard—Full Tunnel Page

Element Description

Mode The access modes to allow in the SSL VPN. Select one of the following:

• Use Other Access Modes if SSL VPN Client Download

Fails—To allow the remote client to use clientless or thin client

access modes if the download of the VPN client fails.

• Full Tunnel Only—Prohibit clientless or thin client access. The

user must have the full client installed and functional to connect to

the VPN.

Ensure that you configure the full client images on the device. For

ASA devices, use the Client Settings tab of the SSL VPN > Other

Settings policy; see Configuring SSL VPN AnyConnect Client

Settings (ASA), page 30-53. For IOS devices, the client is managed

using a FlexConfig policy; see Predefined FlexConfig Policy

Objects, page 7-19.

Client IP Address Pools

(IOS device only.)

The IP address ranges of the address pool that full tunnel clients will

draw from when they log on. The address pool must be in the same

subnet as one of the device’s interface IP addresses.

Enter the address range separating the first and last IP address with a

hyphen, for example, 10.100.10.2-10.100.10.255. If you enter a single

address, the pool has just one address. Do not enter subnet designations.

You can also enter the name of a network/host policy object that defines

the range, or click Select to select the object from a list or to create a

new object. Separate multiple ranges with commas.

Primary DNS Server The IP address of the primary DNS server for the group. Enter the IP

address or the name of a network/host object, or click Select to select

an object from a list or to create a new object.

Secondary DNS Server The IP address of the secondary DNS server for the group. Enter the IP

address or the name of a network/host object, or click Select to select

an object from a list or to create a new object.

Default DNS Domain The domain name of the DNS server to be used for Full Client SSL

VPN connections.

Primary WINS Server The IP address of the primary WINS server for the group. Enter the IP

address or the name of a network/host object, or click Select to select

an object from a list or to create a new object.

Secondary WINS Server The IP address of the primary WINS server for the group. Enter the IP

address or the name of a network/host object, or click Select to select

an object from a list or to create a new object.

previous next