CHAPTER
33-1
User Guide for Cisco Security Manager 4.4
OL-28826-01
33
Configuring Policy Objects for Remote Access
VPNs
There are several policy objects that you use primarily or exclusively with remote access VPNs. Some
of these objects, the ASA Group Policies and User Group objects, are also used with Easy VPN
site-to-site topologies. This reference explains the configuration of these policy objects.
This chapter contains the following topics:
• ASA Group Policies Dialog Box, page 33-1
• Add or Edit Secure Desktop Configuration Dialog Box, page 33-23
• Add and Edit File Object Dialog Boxes, page 33-25
• Add or Edit Port Forwarding List Dialog Boxes, page 33-28
• Add or Edit Single Sign On Server Dialog Boxes, page 33-30
• Add or Edit Bookmarks Dialog Boxes, page 33-32
• Add and Edit SSL VPN Customization Dialog Boxes, page 33-37
• Add or Edit SSL VPN Gateway Dialog Box, page 33-50
• Add and Edit Smart Tunnel List Dialog Boxes, page 33-52
• Add and Edit Smart Tunnel Auto Signon List Dialog Boxes, page 33-55
• Add or Edit User Group Dialog Box, page 33-58
• Add or Edit WINS Server List Dialog Box, page 33-74
ASA Group Policies Dialog Box
Use the Add or Edit ASA Group Policies dialog box to create, copy, and edit an ASA user group policies
object.
ASA group policies are configured on ASA security appliances in Easy VPN topologies, remote access
IPSec VPNs, and remote access SSL VPNs. When you configure an Easy VPN or remote access VPN,
you must create group policies to which remote clients will belong. A group policy is a set of
user-oriented attribute/value pairs for VPN connections that are stored either internally (locally) on the
device or externally on a AAA server. The tunnel group uses a group policy that sets terms for user
connections after the tunnel is established. Group policies let you apply whole sets of attributes to a user
or a group of users rather than having to specify each attribute individually for each user.