Migrating to ASA 7.2 for VPN 3000 Concentrator Administrators
Mapping Topics from VPN 3000 Series Concentrators to ASDM
Downloads: This chapterpdf (PDF - 186.0KB) | Feedback

Mapping Topics from VPN 3000 Series Concentrators to ASDM

Table Of Contents

Mapping Topics from VPN 3000 Series Concentrators to ASDM


Mapping Topics from VPN 3000 Series Concentrators to ASDM


The following tables map the VPN 3000 Concentrator tasks to the Adaptive Security Device Manager paths:

Table A-1, "Navigation Map for Configuration Tasks"

Table A-2, "Navigation Map for Administration Tasks"

Table A-3, "Monitoring Tasks"

Table A-1 Navigation Map for Configuration Tasks 

VPN 3000 Task
Topic
ASDM Path

Using the VPN 3000 Management application

Not applicable

ASDM Online Help > About Cisco ASDM

Configuring Interfaces

Not applicable

Configuration > Interfaces > Add

power

Enable Interface/Dedicate to management only

Ethernet

Hardware Port

General parameters

VLAN ID/Sub-interface ID

Configuring Servers

AAA Servers

Configuration > Properties > AAA Setup > AAA Server Groups

authentication, authorization, and accounting

Configuration > Security Policy > AAA Rules

DHCP

Configuration > Properties > DHCP Services > DHCP Server and DHCP Relay

DNS

Configuration > Properties > DNS Client and Dynamic DNS

NTP

Configuration > Properties > Device Administration > NTP

External servers (TACACS and RADIUS)

Configuration > Properties > AAA Setup > AAA Server Groups > Add AAA Server Group (Protocol list box)

Configuring Address Management

Not applicable

Configuration > VPN > IP Address Management

Assignment

Assignment

Pools

IP Pools

Configuring Tunneling and IPSec

PPTP

Not applicable

IPSec site-to-site

Configuration > VPN > IPSec and Configuration > VPN > General > Tunnel Group, Group Policy

IKE proposals

Configuration > VPN > IKE > Policies

NAT-Transparency

Configuration > VPN > IKE > Global Parameters (NAT Transparency group box)

Configuration > VPN > IPsec > IPSec Rules > Tunnel Policy (Crypto Map) - Advanced Tab > Enable NAT-T checkbox

Alerts

Configuration > VPN > IKE > Global Parameters

Configuring IP Routing

Not applicable

Configuration > Routing

Static routes

Configuration > Routing > Static Route

Default gateways ("Tunnel Default Gateway")

Configuration > Routing > Static Route

OSPF

Configuration > Routing > Dynamic Routing > OSPF

DHCP

Configuration > Properties > DHCP Services

Redundancy

Configuration > Properties > High Availability, Failover

RIP

Configuration > Routing > Dynamic Routing > RIP

RRI

Configuration > VPN > IPsec > IPSec Rules > Tunnel Policy (Crypto Map) - Advanced Tab > Enable Reverse Route Injection checkbox

Configuring Management Protocols

Not applicable

Not applicable

FTP

Tools > File Management > File Transfer

HTTP/HTTPS

Configuration > Properties > HTTP/HTTPS

TFTP

Configuration > Properties > Device Administration > TFTP Server

Telnet

Configuration > Properties > Device Access > Telnet

SNMP

Configuration > Properties > Device Administration> SNMP

SSL

Configuration > Properties > SSL

SSH

Configuration > Properties > Device Access > Secure Shell

XML

Not applicable

Configuring Event Reporting

Event classes--list

Event security levels--list

Event log

Configuration > Properties > Logging

Event Lists

Syslog Setup

General or default handling of events

FTP information for automatic backup

Classes for special handling

Trap destinations for SNMP management

Syslog servers

Configuration > Properties > Logging > Logging Setup, Syslog Servers, Syslog Setup

SMTP servers for email recipients

Configuration > Logging > E-Mail Setup

Configuring System Information and Parameters

Not applicable

Configuration > Properties > Device Administration

Identification

Configuration > Properties > Device Administration > Device

Time and date

Configuration > Properties > Device Administration > Clock

Sessions

Maximum active IPSec connections

Compression

Configuration > VPN > General > VPN System Options

Hairpinning (Allowing traffic between two or more hosts connected to the same interface

Configuration > Interfaces

Authentication (global parameters)

Configuration > Properties > Device Access > AAA Access

Configuring Client Update

Not applicable

Configuration > VPN > General > Client Update

Configuring Load Balancing

Not applicable

Configuration > VPN > Load Balancing

Configuring User Management

Users

Configuration > Properties > Device Administration > User Accounts

Base Group

Not applicable

Groups

Configuration > VPN > General > Group Policy and Configuration > VPN > General > Tunnel Group

Configuring Policy Management

Access hours

Traffic management

Network lists

Rules

SAs

Filters

Bandwidth

Configuration > Security Policy

Access Rules

AAA Rules

Filter Rules

Service Policy Rules

NAT Policy

Configuration > NAT

Certificate group matching

Policy (for group derivation)

Rules

Configuration > VPN > IKE > Certificate Group Matching

Policy

Rules

HTTP and HTTPS

Configuration > Properties > HTTP/HTTPS

SSL

Configuration > Properties > SSL

Configuring Web VPN

Not applicable

Configuration > VPN > WebVPN

Access

Configuration > VPN > WebVPN > WebVPN Access

HTTP/ HTTPS Proxies

Configuration > VPN > WebVPN > Proxies

Home Page

Configuration > VPN > WebVPN > Webpage Customization

Logo

Configuration > VPN > WebVPN > Webpage Customization

E-mail Proxy

Configuration > VPN > E-mail Proxy

Servers and URLs

Configuration > VPN > WebVPN > Servers and URLs, Encoding

Port Forwarding

Configuration > VPN > WebVPN > Port Forwarding

NetBIOS Name Servers

Configuration > VPN > Tunnel Group > Add WebVPN Access Tunnel Group > WebVPN tab > NetBIOS Servers tab

SSL VPN Client

Configuration > VPN > WebVPN > SSL VPN Client

Cisco Secure Desktop, Setup and Manager

Configuration > Properties > Device Administration > CSD Setup

Configuration CSD Manager


Table A-2 Navigation Map for Administration Tasks 

VPN 3000 Task
Topic
ASDM Path

Viewing statistics for all active sessions

Not applicable

Monitoring > VPN

Updating the display

Click Refresh

Updating the ASA system software

Not applicable

Tools > > Upgrade Software > Upload Image From Local PC

Updating the VPN Client software

Not applicable

Configuration > VPN > General > Client Update

Shutting down and/or rebooting the system

Not applicable

Tools > System Reload

Viewing the reboot status

Not applicable

Tools > System Reload

Using the Ping utility

Not applicable

Tools > Ping

Traceroute

Not applicable

Tools > Traceroute

Configuring and controlling administrative access rights

Configure administrator usernames, access, and rights

Configure ACLs for administrators

Configure access settings

Configuration > Properties > Device Access > AAA Access

Configure AAA servers for admin users

Configuration > Properties > AAA Setup > AAA Servers

Managing files in flash memory on the device

Tools > File Management

Swap backup and boot configuration files

Tools > Upgrade Software > Upload Image from Local PC

Transfer files using TFTP

Tools > File Management > File Transfer > TFTP

Send a file using HTTP

Tools > File Management > File Transfer > HTTP

Export the configuration to an XML file

Not applicable

Enrolling for and Managing Certificates (PKI)

Enrolling for a certificate

Obtaining an SSL certificate

Enabling CRL checking and caching

Enabling digital certificates for remote access connections

Enabling digital certificates for site-to-site connections

Deleting digital certificates

Managing certificates

Enrolling identity and SSL certificates

Installing certificates once enrolled

Configuring SCEP parameters

Viewing CRL cache

Viewing certificate information

Configuring a CA certificate

Renewing a certificate

Managing enrollment requests

Configuration > Properties > Certificate

Authentication

Enrollment

Import Certificate

Keypair

Manage Certificate

Trustpoint


Table A-3 Monitoring Tasks

VPN 3000 Task
Topic
ASDM Path

Monitoring the routing table (routes and protocols)

Not applicable

Monitoring > Routing > Routes

Monitoring > Routing > OSPF LSAs

Monitoring > Routing > OSPF Neighbors

Viewing dynamic filters and rules

Not applicable

Configuration > Security Policy

Viewing the event log

Not applicable

Monitoring > Logging > Real-Time Log Viewer

Viewing system status and memory status

Not applicable

Monitoring > Properties > System Resource Graphs

Displaying information about all active sessions

Not applicable

Monitoring > VPN

Gathering Statistics

Not applicable

Monitoring > VPN > VPN Statistics

Accounting

Monitoring > Properties > AAA Servers

Administrative AAA

Monitoring > Properties > AAA Servers

Authentication

Monitoring > Properties > Device Access > Authenticated Users

Authorization

Monitoring > Properties > AAA Servers

Bandwidth management

Monitoring > Properties > System Resource Graphs

Compression

Monitoring > VPN > VPN Statistics > Compression Statistics

Crypto

Monitoring > VPN > VPN Statistics > Crypto Statistics

DHCP

Monitoring > Interfaces > DHCP

DNS

Monitoring > Properties > DNS Cache

Encryption

Monitoring > VPN > VPN Statistics > Encryption Statistics

Events

Monitoring > Logging > Real-Time Log Viewer

Filtering

Not applicable

Global IKE/IPSec

Monitoring > VPN > VPN Statistics > Global IKE/IPSec Statistics

IPSec Tunnels

Monitoring > VPN > VPN Connection Graphs

L2TP

Monitoring > VPN > VPN Connection Graph

Load balancing

Monitoring > VPN > VPN Statistics > Cluster Loads

PPTP

Not applicable

SSH

Monitoring > Properties > Device Access > Secure Shell Sessions

SSL

Monitoring > Device Access > HTTPS/ASDM Sessions

Telnet

Monitoring > Properties > Device Access > Telnet Sessions

VRRP

Not applicable