Filter
Top Products
30-42
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices
Working with SSL and IKEv2 IPSec VPN Policies
You can then configure the settings on the following tabs:
• Performance tab—To configure caching to improve SSL VPN performance. See Configuring SSL
VPN Performance Settings (ASA), page 30-42.
• Content Rewrite tab—To create rules that permit users to browse certain sites and applications
without going through the security appliance itself. See Configuring SSL VPN Content Rewrite
Rules (ASA), page 30-43.
• Encoding tab—To configure non-default encoding for web pages delivered from CIFS servers.
Encoding is normally determined by the remote user’s browser. See Configuring SSL VPN
Encoding Rules (ASA), page 30-45.
• Proxy tab—To define HTTP or HTTPS proxy servers, if your network requires them, and proxy
bypass rules. See Configuring SSL VPN Proxies and Proxy Bypass (ASA), page 30-47.
• Plug In tab—To define browser plug-ins, which are separate programs that a web browser invokes
to perform a dedicated function. See Configuring SSL VPN Browser Plug-ins (ASA), page 30-50.
• Client Settings tab—To configure AnyConnect client images and profiles for downloading to
clients. See the following topics:
–
Understanding SSL VPN AnyConnect Client Settings, page 30-52
–
Configuring SSL VPN AnyConnect Client Settings (ASA), page 30-53
• Microsoft KCD Server—To configure Kerberos Constrained Delegation (KCD) for use with
clientless SSL VPN connections. See the following topics:
–
Understanding Kerberos Constrained Delegation (KCD) for SSL VPN (ASA), page 30-56
–
Configuring Kerberos Constrained Delegation (KCD) for SSL VPN (ASA), page 30-58
• AnyConnect Custom Attributes tab—To configure AnyConnect custom attributes. See Configuring
AnyConnect Custom Attributes (ASA), page 30-59.
• Advanced tab—To configure the memory, on-screen keyboard, and internal password features. See
Configuring SSL VPN Advanced Settings (ASA), page 30-61.
• SSL Server Verification tab—To enable HTTPS server verification for clientless SSL VPN users.
See Configuring SSL VPN Server Verification (ASA), page 30-61.
Tip You must also configure a connection profile policy on the device. See Configuring Connection Profiles
(ASA, PIX 7.0+), page 30-6.
Configuring SSL VPN Performance Settings (ASA)
Caching enhances SSL VPN performance. It stores frequently reused objects in the system cache, which
reduces the need to perform repeated rewriting and compressing of content. It reduces traffic between
SSL VPN and both the remote servers and end-user browsers, with the result that many applications run
much more efficiently.
This procedure describes how to enable caching on your ASA security appliance.
Related Topics
• Configuring Other SSL VPN Settings (ASA), page 30-41
Step 1 Do one of the following: