Filter
Top Products
30-23
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices
Configuring Group Policies for Remote Access VPNs
• Group policy source—Identifies whether the user group’s attributes and values are stored internally
(locally) on the security appliance or externally on an AAA server. If the user group is an external
type, no other settings need to be configured for it. For more information, see ASA Group Policies
Dialog Box, page 33-1.
• Client Configuration settings, which specify the Cisco client parameters for the user group in an
Easy VPN or remote access VPN. For more information, see ASA Group Policies Client
Configuration Settings, page 33-4.
• Client Firewall Attributes, which configure the firewall settings for VPN clients in an Easy VPN or
remote access VPN. For more information, see ASA Group Policies Client Firewall Attributes,
page 33-5.
• Hardware Client Attributes, which configure the VPN 3002 Hardware Client settings in an Easy
VPN or remote access VPN. For more information, see ASA Group Policies Hardware Client
Attributes, page 33-7.
• IPsec settings, which specify tunneling protocols, filters, connection settings, and servers for the
user group in an Easy VPN or remote access VPN. For more information, see ASA Group Policies
IPSec Settings, page 33-8.
• Clientless settings, which configure the Clientless mode of access to the corporate network in an
SSL VPN, for the ASA user group. For more information, see ASA Group Policies SSL VPN
Clientless Settings, page 33-10.
• Full Client settings, which configure the Full Client mode of access to the corporate network in an
SSL VPN, for the ASA user group. For more information, see ASA Group Policies SSL VPN Full
Client Settings, page 33-13.
• General settings that are required for Clientless/Port Forwarding in an SSL VPN. For more
information, see ASA Group Policies SSL VPN Settings, page 33-17.
• DNS/WINS settings that define the DNS and WINS servers and the domain name that should be
pushed to remote clients associated with the ASA user group. For more information, see ASA Group
Policies DNS/WINS Settings, page 33-20.
• Split tunneling that lets a remote client conditionally direct packets over an IPsec or SSL VPN tunnel
in encrypted form or to a network interface in clear text form. For more information, see ASA Group
Policies Split Tunneling Settings, page 33-21.
• Remote access or SSL VPN session connection settings for the ASA user group. For more
information, see ASA Group Policies Connection Settings, page 33-22.
Related Topics
• Creating Group Policies (ASA, PIX 7.0+), page 30-23
• Configuring Group Policies for Remote Access VPNs, page 30-21
Creating Group Policies (ASA, PIX 7.0+)
Use the Group Policies page to create group policies for ASA or PIX 7.0+ devices used in remote access
IPSec VPNs, or ASA devices used in remote access SSL VPNs. For information about group policies,
see:
• Understanding Group Policies (ASA), page 30-22
• Configuring Group Policies for Remote Access VPNs, page 30-21