32-14
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 32 Managing Remote Access VPNs on IOS and PIX 6.3 Devices
Configuring an SSL VPN Policy (IOS)
• You can edit the properties of a User Group object by selecting it in either list and clicking the Edit
button.
Configuring an SSL VPN Policy (IOS)
Use the SSL VPN policy to configure the SSL VPN connection policies for an IOS router. From this
page, you can create, edit, or delete SSL VPN policies.
Related Topics
• Understanding Remote Access SSL VPNs, page 29-2
• Creating SSL VPNs Using the Remote Access VPN Configuration Wizard (IOS Devices),
page 29-31
• Filtering Tables, page 1-45
Step 1 Do one of the following:
• (Device view) With an IOS device selected, select Remote Access VPN > SSL VPN from the Policy
selector.
• (Policy view) Select Remote Access VPN > SSL VPN > SSL VPN Policy (IOS) from the Policy
Type selector. Select an existing policy or create a new one.
The SSL VPN page appears.
The table lists all of the contexts that define the virtual configurations of the SSL VPN. Each context has
a gateway, domain or virtual hostname, and user group policies. The status of the context is also shown,
either In Service or Out of Service.
Step 2 Do either of the following:
• To add a context, click the Add Row button to open the SSL VPN Context Editor Dialog Box (IOS),
page 32-15.
• To edit a context, select it and click the Edit Row button.
Note To delete a context, select it and click the Delete Row button.
Step 3 Configure at least the following general settings for the policy. For information on other fields, see
General Tab, page 32-16.
• Name, Domain—For new policies, the name of the context that defines the virtual configuration of
the SSL VPN. To simplify the management of multiple context configurations, make the context
name the same as the domain or virtual hostname.
• Gateway—The SSL VPN gateway policy object that identifies the gateway device to which users
will connect, including interface and port configuration. Click Select to select the object from a list
or to create a new object.
When you select the object, the Portal Page URL field shows the URL to which users connect.
• Authentication Server Group—A prioritized list of AAA server group objects that identify the
AAA servers to use for authenticating users.