32-16
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 32 Managing Remote Access VPNs on IOS and PIX 6.3 Devices
Configuring an SSL VPN Policy (IOS)
General Tab
Use the General tab of the SSL VPN Context Editor dialog box to define or edit the general settings
required for an SSL VPN policy. General settings include specifying the gateway, domain, AAA servers
for accounting and authentication, and user groups.
Navigation Path
Open the SSL VPN Context Editor Dialog Box (IOS), page 32-15, then click the General tab.
Portal Page tab Defines the design of the login page for the SSL VPN policy. The
display box at the bottom of the tab changes to show you how your
selections will look. You can configure:
• Title—The text displayed at the top of the page. Control the color
using the Primary settings in the Title Color and Text Color fields.
• Logo—The graphic displayed next to the title. Select None,
Default, or Custom. To configure a custom graphic, you must copy
the desired graphic to the Security Manager server, then click
Browse to select the file. Supported graphic types are GIF, JPG,
and PNG, with a maximum size of 100 KB.
• Login Message—The text displayed immediately above the login
prompt. Control the color using the Secondary settings in the Title
Color and Text Color fields.
Secure Desktop tab Configures the Cisco Secure Desktop (CSD) software on the router.
CSD policies define entry requirements for client systems and provide
a single, secure location for session activity and removal on the client
system, ensuring that sensitive data is shared only for the duration of an
SSL VPN session.
Note You must install and activate the Secure Desktop Client
software on a device for your configuration to work.
If you want to use CSD, select Enable Cisco Secure Desktop and click
Select to select a Secure Desktop Configuration policy object, which
defines the rules you want to use to control VPN access and host
scanning. You can create a new object from the selection list. For
information about configuring these objects, see Creating Cisco Secure
Desktop Configuration Objects, page 32-18.
Advanced tab Configures these additional settings:
• Maximum Number of Users—The maximum number of SSL VPN
user sessions allowed at one time, from 1-1000.
• VRF Name—If Virtual Routing Forwarding (VRF) is configured
on the device, the name of the VRF instance that is associated with
the SSL VPN context. For information about VRF, see
Understanding VRF-Aware IPsec, page 24-14.
Table 32-5 SSL VPN Context Editor Dialog Box (Continued)
Element Description