Migrating to ASA 7.2 for VPN 3000 Concentrator Administrators
Index
Downloads: This chapterpdf (PDF - 193.0KB) | Feedback

Index

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - Z

Index

Numerics

7.0 - 7.1 feature map, VPN 3000 to security appliance     15

7.2 feature map, VPN 3000 to security appliance     26

A

AAA

attributes that are not available in external groups for ASA     22

comparing VPN 3000 with ASA     22

fallback mechanism     22

tunnel groups and group policies on ASA     22

AAA server groups, adding AAA hosts     111

accounting

management traffic, VPN 3000 vs. ASA     22

RADIUS, comparing VPN 3000 with ASA     22

ACL manager     104

ACLs

adding     103

bypassing

LAN-to-LAN IPSec traffic     74, 86

comparing VPN 3000 with ASA     25

configuring for LAN-to-LAN     70

downloadable     18

Active/Standby Stateful Failover, WebVPN     20

adaptive security appliance, overview     31

Advanced Inspection and Prevention Security Services Module (AIPSSM)     17

AES     66

Aggressive Mode     17

AIP SSM     17

Are You There (AYT) firewall policy     97, 102

ASA system, overview     31

attribute-value pairs (AVP)     35

authentication, certificate     60

B

bandwidth reservation, comparing VPN 3000 with ASA     24

C

Central Protection Policy (CPP)     97, 102

certificate enrollment

authenticating to the CA     60

generating key pairs     56

summary of steps     56

trustpoint configuration     58

certificate management in ASDM     62

Certificate Revocation Checking     27

CIFS, WebVPN     20

Citrix support, WebVPN     20

CLI     17

client firewall     101

Are You There (AYT) policy     97, 102

Central Protection Policy (CPP)     97, 102

configuring     97

allowing HTTP traffic     105

default     97

rules for firewall filters     97

group policy     99

local     97

policies     101

Compression, WebVPN and SSL VPN     20

configuring

AAA hosts     111

ACLs     70, 103

address management method     45

address pools     108

administrator password     45

authentication     45

client firewall     97

crypto map, IPSec LAN-to-LAN tunnel     72

default client firewall     97

dynamic crypto map, remote-access tunnel     84

extended access list rule     103

external authentication     113

external server     108

external server group     109

group policy, client firewall     99

interfaces

IPSec LAN-to-LAN tunnel     64, 68

remote-access tunnel     76, 79

internal server user database     45

IP interfaces     44

IPSec group     45

IPSec LAN-to-LAN tunnel     63

ISAKMP policy

IPSec LAN-to-LAN tunnel     65

remote-access tunnel     77

load balancing     115

network list     89

QoS     119

RADIUS     108

split tunneling     89

system information     44

transform set, remote-access tunnel     81

tunnel group

IPSec LAN-to-LAN tunnel     71

remote-access tunnel     82

split tunneling     94

tunneling protocols and options     44

user access, remote-access tunnel     80

configuring users     17

connection timeout, TCP     19

CRLs     27

crypto map

applying to interfaces     74

configuring for LAN-to-LAN     72

D

data integrity, Phase 2, default setting     16

dbgtrace logging levels, security appliance     18

DDNS     28

default

DefaultL2Lgroup     32

DefaultRAgroup     32

DfltGrpPolicy     36

group policy     36

default group policy     35

default tunnel group     32

Denial of Service (DoS) attack     17

DES, IKE policy keywords (table)     66

Diffie-Hellman, groups supported     66

documentation

additional     vii

cautions     ix

notes     ix

DoS attack     17

DSA key     19

dynamic crypto map

configuring for remote access     84

dynamic DNS     28

E

encryption algorithm, default     16

enrolling for certificate

authenticating to the CA     60

generating key pairs     56

summary of steps     55

trustpoint configuration     58

enrolling for identity certificate     61

extended access list rule     103

external authentication, configuring for tunnel group     113

external server

configuring     108

protocols supported     110

external server group, configuring     109

F

fallback, VPN 3000 vs. ASA     22

feature map

VPN 3000 to Version 7.2 security applliance     26

VPN 3000 to Versions 7.0 and 7.1 security appliance     15

filters

comparing VPN 3000 with ASA     25

VPN 3000     18

firewall

client     97

unlocking, comparing VPN 3000 with ASA     25

firewall policy     101

firewall types     101

G

general attributes, tunnel group     33

general tunnel-group connection parameters     33

Graphical User Interface     17

Group 5, Diffie Hellman     66

group lock

comparing VPN 3000 with ASA     23

group policy

client firewall     99

configuring     36

default     36

definition     35

split tunneling     92

group policy, default     35

H

HTTP traffic     105

hub-and-spoke configuration     17

hybrid server group, support on VPN 3000 vs. ASA     22

I

identity certificate, enrolling     61

IKE

negotiation     16

Phase 2     16

Phase 2 Data Integrity, enabling     29

policy keywords     65

IKE keepalive setting

tunnel group     34

inspection, packet     17

interfaces

configuring for LAN-to-LAN     64

configuring for remote access     76, 79

IP address pool, configuring     108

IPSec

comparing VPN 3000 with ASA     23

LAN-to-LAN, permitting     74, 86

tunnel mode     68

IPSec LAN-to-LAN tunnel

configuring ACLs     70

configuring crypto map     72

configuring interfaces     64, 68

configuring ISAKMP Policy     65

configuring tunnel group     71

IPSec parameters, tunnel group     34

ISAKMP

configuring     65, 77

enabling Phase 2 data integrity     29

ISAKMP keepalive setting

tunnel groups     34

K

Keep Cisco SSL VPN Client feature, renamed     21

Keep Installer on Client System feature, ASA     21

key length, RSA     19

key pairs, generating     56

L

L2TP, L2TP over IPSec, and PPTP     26

LAN-to-LAN tunnel, configuring     63

license, comparing VPN 3000 with ASA     21

load balancing

comparing VPN 3000 with ASA     23

configuring     115

logging, event, VPN 3000     18

low-latency queueing (LLQ), comparing VPN 3000 with ASA     24

low memory, action     16

M

management traffic accounting, VPN3000 vs. ASA     22

managing certificates in ASDM     62

MD5     66

memory red condition     16

minimum bandwidth guarantee, comparing VPN 3000 with ASA     24

modes, comparing VPN 3000 with ASA     23

N

navigation map for ASDM     125

Network Admission Control     27

WebVPN     20

network list, configuring     89

network mask     18

nice reboot     16

O

object group, comparing VPN 3000 with ASA     23

OCSP     27

Online Certificate Status Protocol (OCSP)     27

P

packet inspection     17

PDA support, WebVPN     20

permitting IPSec traffic

LAN-to-LAN     74, 86

Phase 2 data integrity

default setting     16

enabling     16, 29

PKI

certificate     19

implementation on ASA     41

new CLI commands     41

policing, comparing VPN 3000 with ASA     24

protocols, external servers     110

Q

Quality of Service (QoS)

comparing VPN 3000 with ASA     24

configuring     119

Quick Configuration program, VPN 3000     43

R

RADIUS accounting, VPN 3000 vs. ASA     22

RADIUS server, configuring     108

reboot, nice     16

related documentation     viii

remote-access tunnel

configuring     75

configuring dynamic crypto map     84

configuring interfaces     76, 79

configuring ISAKMP policy     77

configuring transform set     81

configuring tunnel group     82

configuring user access     80

RIPv2     28

RSA key length     19

S

service policy rule wizard     119

session timeout, TCP     19

SHA, IKE policy keywords (table)     66

Single Sign-on, WebVPN     20

Split DNS     96

split tunneling

configuring     89

firewalls     97

group policy     92

tunnel group     94

SSL VPN Client, comparing VPN 3000 with ASA     21

syslog levels, security appliance     18

T

TCP connection timeout     19

timeout, TCP connection     19

transform set, configuring for remote access     81

Triple DES, IKE policy keyword (table)     66

trustpoint     19, 58

tunnel group

configuring for LAN-to-LAN     71

configuring for remote access     82

default     32

definition     32

external authentication     113

IPSec parameters     34

tunnel-group

general attributes     33

webvpn attributes     35

U

user

configuring     38

configuring specific     38

users

adding for remote access     80

configuring     17

V

VPN 3000 features in ASA     31

VPN client

configuring a client firewall to allow HTTP traffic     105

firewall options     97

firewall policy     102

stateful firewall     101

VPN Wizard     46

W

WebVPN

comparing VPN 3000 with ASA     20

webvpn attributes, tunnel-group     35

WebVPN tunnel-group connection parameters     35

wildcard mask     18

wizards

service policy rule     119

VPN     46

Z

Zone Labs Integrity Server     28