Filter
Top Products
33-51
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 33 Configuring Policy Objects for Remote Access VPNs
Add or Edit SSL VPN Gateway Dialog Box
IP Address The IP address for the gateway, which is the address to which remote
users connect:
• Use Static IP Address—Specify the address that you want to use.
You must also configure this address on an interface on the router.
• Obtained from Interface—Specify the interface role that resolves
to a single interface on the device. The IP address configured for
the interface is used. This option allows you to identify the external
interface you want to use for connections without having to
explicitly enter the IP address. If you have to change the address on
the interface, you do not have to also reconfigure this object.
Port The number of the port that will carry the HTTPS traffic. You can also
enter the name of a port list object that specifies the single port number,
or click Select to select the object from a list. The default is the HTTPS
object, which specifies port 443. If you do not use port 443, you can
enter another port number between 1025 and 65535.
Trustpoint The digital certificate required to establish the secure connection. A
self-signed certificate is generated when an SSL VPN gateway is
activated.
Enable Gateway Whether to activate the SSL VPN gateway.
Specify SSL Encryption
Algorithms
Whether to restrict the encryption algorithms used for the connection,
or to specify a different order of use. The default is to make all
algorithms available in this order of preference: 3DES and SHA1, AES
and SHA1, RC4 and MD5.
Select the priority order for the algorithms. Select None to eliminate
one or two algorithms.
Redirect HTTP Traffic
HTTP Port
Whether to have the gateway redirect HTTP traffic over secure HTTP
(HTTPS). Traffic that comes to this port is redirected to the port you
specify in the Port field.
Enter the port number for HTTP traffic in the HTTP Port field. You can
enter a number or the name of a port list object, or click Select to select
an object from a list or to create a new object.
The HTTP port is normally 80. However, you can enter any other
number that is used in your network between 1025-65535.
Hostname The hostname for the gateway.
• Do Not Specify—No hostname is assigned; the IP address to the
gateway is used.
• Use the host and domain names of the device—These are defined
in the Platform > Device Admin > Hostname policy.
• Use the Object—The hostname is the value defined in a text policy
object. Enter the name of the object or click Select to select it from
a list or to create a new object.
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.
Table 33-38 Add and Edit SSL VPN Gateway Dialog Boxes (Continued)
Element Description