Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
33-4
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 33 Configuring Policy Objects for Remote Access VPNs
ASA Group Policies Dialog Box
ASA Group Policies Client Configuration Settings
Use the Client Configuration settings page to configure the Cisco client parameters for the ASA group
policy for Easy VPN or remote access VPN.
Navigation Path
Select Easy VPN/IPSec VPN > Client Configuration from the table of contents in the ASA Group
Policies Dialog Box, page 33-1.
Field Reference
SSL VPN Settings for SSL VPN:
Clientless—Settings for the clientless mode of access to the
corporate network in an SSL VPN. See ASA Group Policies SSL
VPN Clientless Settings, page 33-10.
Full Client—Settings for the full client mode of access to the
corporate network in an SSL VPN. See ASA Group Policies SSL
VPN Full Client Settings, page 33-13.
Settings—The general settings that are required for clientless/port
forwarding in an SSL VPN. See ASA Group Policies SSL VPN
Settings, page 33-17.
Connection Settings The connection settings for the group, such as the session and idle
timeouts, including the banner text. See ASA Group Policies
Connection Settings, page 33-22.
Table 33-1 Add or Edit ASA Group Policies Dialog Box, including Technology Settings
Element Description
Table 33-2 ASA Group Policies Client Configuration Settings
Element Description
Store Password on Client
System
Whether to allow users to store a password on their local systems.
Enable this feature only if you are certain that the local systems will be
in secure sites.
Enable IPsec over UDP
UDP Port
Whether to allow a Cisco VPN client or hardware client to connect
using UDP to a security appliance that is running NAT.
If you select this option, specify the UDP port number within the range
of 4001-49151. In IPsec negotiations, the security appliance listens on
the configured port and forwards UDP traffic for that port even if other
filter rules drop UDP traffic.
Note The Cisco VPN client must also be configured to use IPsec over
UDP, which is configured by default on certain devices.
 previous next