Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
33-3
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 33 Configuring Policy Objects for Remote Access VPNs
ASA Group Policies Dialog Box
Technology settings These settings control what you can define in the group policy:
Group Policy Type—Whether you are storing the group policy on
the ASA device itself (Internal) or on a AAA server (External).
You cannot change this option when editing an object.
If you select External, the only attributes you can configure are the
name of the AAA server group object that identifies the AAA
server and its password.
Technology—The types of VPN for which this object defines
group policies. Select all that apply:
Easy VPN/IPSec IKEv1—For Easy VPN topologies or remote
access IPsec VPNs that allow IKEv1 negotiations.
Easy VPN/IPSec IKEv2—For remote access IPsec VPNs that
allow IKEv2 negotiations. IKEv2 is not supported in Easy
VPN topologies.
SSL Clientless—For remote access SSL VPNs of all types, not
just clientless.
External Server Group—If you are storing the group policy
attributes on an external AAA server, specify the AAA server
group that will be used for authentication. Click Select to select the
object from a list or to create a new object.
After you select an external server group, the Password and
Confirm fields become active. Enter the alphanumeric password to
use for authenticating with the server in both fields. The password
can be a maximum of 128 characters; spaces are not allowed.
DNS/WINS The DNS and WINS servers and the domain name that should be
pushed to clients associated with the group. See ASA Group Policies
DNS/WINS Settings, page 33-20.
Split Tunneling Settings to allow a remote client to conditionally direct encrypted
packets through a secure tunnel to the central site and simultaneously
allow clear text tunnels to the Internet through a network interface. See
ASA Group Policies Split Tunneling Settings, page 33-21.
Easy VPN/IPSec VPN Settings for Easy VPN and remote access IPSec VPNs:
Client Configuration—The Cisco client parameters for the group.
See ASA Group Policies Client Configuration Settings, page 33-4.
Client Firewall Attributes—The firewall settings for VPN clients
for the group. See ASA Group Policies Client Firewall Attributes,
page 33-5.
Hardware Client Attributes—The VPN 3002 Hardware Client
settings for the group. See ASA Group Policies Hardware Client
Attributes, page 33-7.
IPSec—The tunneling protocols, filters, connection settings, and
servers for the group. See ASA Group Policies IPSec Settings,
page 33-8.
Table 33-1 Add or Edit ASA Group Policies Dialog Box, including Technology Settings
Element Description