Selected ASDM VPN Configuration Procedures for the Cisco ASA 5500 Series, Version 5.1(1) - Index [Cisco Adaptive Security Device Manager]

Table Of Contents

A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W -

Index

A

AAA

group policy5-10

server5-7

server group5-5

tunnel-group5-11

access hours, configuring4-19

ACL filter

internal group policy, configuring4-12

attribute map5-2

attribute-value pairs (AVP)4-2

authentication, certificate1-4

B

banner, configuring4-26

base DN5-9

C

certificate enrollment

authenticating to the CA1-4

generating key pairs1-2

summary of steps1-1

trustpoint configuration1-3

certificate management in ASDM1-5

Cisco attribute name5-4

Cisco client parameters, internal group policy4-29

Citrix

configuring2-1

enabling2-10

trustpoint2-2, 2-7

client

VPN 3002 hardware, forcing client update3-1

Windows client update notification3-1

client access rules, configuring4-24

client authentication, requiring4-34

Client Configuration tab attributes, internal group policy, configuring4-26

client firewall policy, configuring4-30

client update, performing3-1

common name2-4, 2-5

compression

HTTP4-49

IP4-24

SVC4-51

Content Filtering tab, WebVPN tab4-41

D

Dead Peer Detection (DPD), internal group policy4-51

default

DefaultL2Lgroup4-1

DefaultRAgroup4-1

DefaultWebVPNgroup4-1

DfltGrpPolicy4-3

domain name for tunneled packets4-27

group policy4-3

group policy (DfltGrpPolicy)4-1

Deny Message attribute, configuring4-49

destination and source networks, internal group policy4-16

DfltGrpPolicy4-1

DHCP scope, internal group policy4-22

DNS servers, as IPSec backup servers4-29

DNS servers, internal group policy4-22

documentation

additionalvii

cautionsix

notesix

E

enrolling for certificate

authenticating to the CA1-4

generating key pairs1-2

summary of steps1-1

trustpoint configuration1-3

enrolling for identity certificate1-5

external group policy

adding4-6

configuring4-6

editing4-9

F

Fallback Trustpoint2-7

firewall policy, client, configuring4-30

FQDN2-4, 2-5

Functions tab, WebVPN Tab4-38

G

group policy5-10

configuring4-5

default4-3

definition4-1, 4-2

external, adding4-6

external, configuring4-6

external, editing4-9

internal, adding or editing4-10

internal, configuring4-9

internal, general attributes4-11

H

Hardware Client tab attributes, internal group policy, configuring4-33

home page, applying customizations4-42

home page, redirecting2-15

HTTP compression, enabling or disabling4-49

HTTP Form protocol

configuring single sign-on7-12

gathering form data7-10

overview7-9

I

identity certificate, enrolling1-5

idle timeout, hardware client users4-35

individual user authentication, hardware client, requiring4-35

internal group policy

adding or editing4-10

configuring4-9

General tab attributes4-11

Hardware Client tab attributes, configuring4-33

IPSec tab attributes, configuring4-23

maximum connect time4-21

Other WebVPN tab4-45

WebVPN tab attributes4-38

IP compression, enabling4-24

IP phone bypass, hardware client, configuring4-36

IPSec backup servers, configuring4-29

IPSec over NAT4-29

IPSec over UDP4-29

IPSec tab attributes, internal group policy4-23

K

Keepalive Ignore attribute, configuring4-49

keepalive interval, internal group policy4-51

Keep Installer on Client System4-51

key pairs, generating1-2

key renegotiation settings, internal group policy4-51

L

LDAP

attribute map5-2

base DN5-9

Cisco attribute name5-4

group policy5-10

map attribute name5-4

map attribute value5-4

over SSL5-9

SASL Kerberos5-10

SASL MD55-10

server5-7

server group5-5

server type5-9

transaction flow5-2

tunnel-group5-11

LEAP (Lightweight Extensible Authentication Protocol)4-37

LEAP bypass, hardware client, configuring4-36

load balancing

and VRRP6-2

virtual cluster6-2

logging level, configuring4-16

log options, internal group policy4-15

M

managing certificates in ASDM1-5

map attribute name5-4

map attribute value5-4

maximum connect time, internal group policy4-21

maximum sessions

IPSec6-6

N

NAT, IPSec over NAT4-29

network extension mode, hardware clients, enabling4-37

O

Other tab arguments, WebVPN group policy tab4-45

P

password storage, internal group policy4-29

perfect forward secrecy (pfs), enabling4-24

port forwarding, enabling4-43

port forwarding list, adding or editing4-44

Port Forwarding WebVPN tab4-43

protocol attribute, internal group policy4-17

R

reauthentication on IKE rekey, enabling4-23

related documentationviii

S

SASL

Kerberos5-10

MD55-10

secure unit authentication, requiring4-34

servers and URL lists, WebVPN Other tab4-46

server type5-9

service group, adding or editing4-18

service groups, managing, internal group policy4-17

simultaneous logins, configuring4-21

single sign-on

for WebVPN users7-1

with CA SiteMinder7-2

with HTTP Form protocol7-9

SiteMinder

adding Cisco authentication scheme7-8

configuring single sign-on7-2

group policies7-4

user assignment7-6

source/destination port service, internal group policy4-17

source and destination networks, internal group policy4-16

split tunneling

attributes, configuring4-28

domain list, configuring4-27

network list, internal group policy4-28

split-tunneling

policy, internal group policy4-28

SSL2-7

SSL VPN Client

benefitsviii, 8-1

configuring

address assignment8-6

features8-11

tunnel group8-9

tunneling protocol8-11

WebVPN on interface8-5

enabling8-2

installation8-2

loading images8-2

ordering images8-4

view sessions8-14

SSL VPN Client tab attributes, internal group policy, configuring4-49

SSO

See single sign-on

SSO server, adding, internal group policy4-48

SVC compression4-51

syslog options, internal group policy, configuring4-15

T

TCP Port Forwarding JAVA applet and digital certificate4-41

time range

applying4-19

viewing4-20

trustpoint1-3

adding for Citrix2-2

applying for Citrix2-7

tunnel group

default4-1

definition4-1

locking, enabling4-24

tunnel-group5-11

tunneling attributes, configuring4-27

tunneling protocol, internal group policy, configuring4-11

U

UDP, IPSec over UDP4-29

URL Enable entry2-12, 2-14

user, definition4-1

user authentication, hardware client, requiring4-35

user home page, applying customizations4-42

user idle timeout, internal group policy4-22

V

virtual cluster6-2

IP address6-1

master6-1

VPN access hours, configuring4-19

VPN hardware clients, configuring4-33

W

Web Type ACL, managing4-47

WebVPN2-15

enabling2-8

single sign-on7-1

WebVPN application access, enabling4-43

WebVPN group policy attributes, configuring4-37

WebVPN tab attributes, configuring4-38

WINS servers, as IPSec backup servers4-29

WINS servers, internal group policy4-22

	Selected ASDM VPN Configuration Procedures for the Cisco ASA 5500 Series, Version 5.1(1)
	Index
Selected ASDM VPN Configuration Procedures for the Cisco ASA 5500 Series, Version 5.1(1) About This Guide Enrolling for Digital Certificates Configuring Citrix MetaFrame Services Configuring Client Update Configuring Group Policies Configuring an LDAP AAA Server Load Balancing Configuring Single Sign-on for WebVPN Configuring SSL VPN Client Index	Download this chapter Index Table Of Contents A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W - Index A AAA group policy5-10 server5-7 server group5-5 tunnel-group5-11 access hours, configuring4-19 ACL filter internal group policy, configuring4-12 attribute map5-2 attribute-value pairs (AVP)4-2 authentication, certificate1-4 B banner, configuring4-26 base DN5-9 C certificate enrollment authenticating to the CA1-4 generating key pairs1-2 summary of steps1-1 trustpoint configuration1-3 certificate management in ASDM1-5 Cisco attribute name5-4 Cisco client parameters, internal group policy4-29 Citrix configuring2-1 enabling2-10 trustpoint2-2, 2-7 client VPN 3002 hardware, forcing client update3-1 Windows client update notification3-1 client access rules, configuring4-24 client authentication, requiring4-34 Client Configuration tab attributes, internal group policy, configuring4-26 client firewall policy, configuring4-30 client update, performing3-1 common name2-4, 2-5 compression HTTP4-49 IP4-24 SVC4-51 Content Filtering tab, WebVPN tab4-41 D Dead Peer Detection (DPD), internal group policy4-51 default DefaultL2Lgroup4-1 DefaultRAgroup4-1 DefaultWebVPNgroup4-1 DfltGrpPolicy4-3 domain name for tunneled packets4-27 group policy4-3 group policy (DfltGrpPolicy)4-1 Deny Message attribute, configuring4-49 destination and source networks, internal group policy4-16 DfltGrpPolicy4-1 DHCP scope, internal group policy4-22 DNS servers, as IPSec backup servers4-29 DNS servers, internal group policy4-22 documentation additionalvii cautionsix notesix E enrolling for certificate authenticating to the CA1-4 generating key pairs1-2 summary of steps1-1 trustpoint configuration1-3 enrolling for identity certificate1-5 external group policy adding4-6 configuring4-6 editing4-9 F Fallback Trustpoint2-7 firewall policy, client, configuring4-30 FQDN2-4, 2-5 Functions tab, WebVPN Tab4-38 G group policy5-10 configuring4-5 default4-3 definition4-1, 4-2 external, adding4-6 external, configuring4-6 external, editing4-9 internal, adding or editing4-10 internal, configuring4-9 internal, general attributes4-11 H Hardware Client tab attributes, internal group policy, configuring4-33 home page, applying customizations4-42 home page, redirecting2-15 HTTP compression, enabling or disabling4-49 HTTP Form protocol configuring single sign-on7-12 gathering form data7-10 overview7-9 I identity certificate, enrolling1-5 idle timeout, hardware client users4-35 individual user authentication, hardware client, requiring4-35 internal group policy adding or editing4-10 configuring4-9 General tab attributes4-11 Hardware Client tab attributes, configuring4-33 IPSec tab attributes, configuring4-23 maximum connect time4-21 Other WebVPN tab4-45 WebVPN tab attributes4-38 IP compression, enabling4-24 IP phone bypass, hardware client, configuring4-36 IPSec backup servers, configuring4-29 IPSec over NAT4-29 IPSec over UDP4-29 IPSec tab attributes, internal group policy4-23 K Keepalive Ignore attribute, configuring4-49 keepalive interval, internal group policy4-51 Keep Installer on Client System4-51 key pairs, generating1-2 key renegotiation settings, internal group policy4-51 L LDAP attribute map5-2 base DN5-9 Cisco attribute name5-4 group policy5-10 map attribute name5-4 map attribute value5-4 over SSL5-9 SASL Kerberos5-10 SASL MD55-10 server5-7 server group5-5 server type5-9 transaction flow5-2 tunnel-group5-11 LEAP (Lightweight Extensible Authentication Protocol)4-37 LEAP bypass, hardware client, configuring4-36 load balancing and VRRP6-2 virtual cluster6-2 logging level, configuring4-16 log options, internal group policy4-15 M managing certificates in ASDM1-5 map attribute name5-4 map attribute value5-4 maximum connect time, internal group policy4-21 maximum sessions IPSec6-6 N NAT, IPSec over NAT4-29 network extension mode, hardware clients, enabling4-37 O Other tab arguments, WebVPN group policy tab4-45 P password storage, internal group policy4-29 perfect forward secrecy (pfs), enabling4-24 port forwarding, enabling4-43 port forwarding list, adding or editing4-44 Port Forwarding WebVPN tab4-43 protocol attribute, internal group policy4-17 R reauthentication on IKE rekey, enabling4-23 related documentationviii S SASL Kerberos5-10 MD55-10 secure unit authentication, requiring4-34 servers and URL lists, WebVPN Other tab4-46 server type5-9 service group, adding or editing4-18 service groups, managing, internal group policy4-17 simultaneous logins, configuring4-21 single sign-on for WebVPN users7-1 with CA SiteMinder7-2 with HTTP Form protocol7-9 SiteMinder adding Cisco authentication scheme7-8 configuring single sign-on7-2 group policies7-4 user assignment7-6 source/destination port service, internal group policy4-17 source and destination networks, internal group policy4-16 split tunneling attributes, configuring4-28 domain list, configuring4-27 network list, internal group policy4-28 split-tunneling policy, internal group policy4-28 SSL2-7 SSL VPN Client benefitsviii, 8-1 configuring address assignment8-6 features8-11 tunnel group8-9 tunneling protocol8-11 WebVPN on interface8-5 enabling8-2 installation8-2 loading images8-2 ordering images8-4 view sessions8-14 SSL VPN Client tab attributes, internal group policy, configuring4-49 SSO See single sign-on SSO server, adding, internal group policy4-48 SVC compression4-51 syslog options, internal group policy, configuring4-15 T TCP Port Forwarding JAVA applet and digital certificate4-41 time range applying4-19 viewing4-20 trustpoint1-3 adding for Citrix2-2 applying for Citrix2-7 tunnel group default4-1 definition4-1 locking, enabling4-24 tunnel-group5-11 tunneling attributes, configuring4-27 tunneling protocol, internal group policy, configuring4-11 U UDP, IPSec over UDP4-29 URL Enable entry2-12, 2-14 user, definition4-1 user authentication, hardware client, requiring4-35 user home page, applying customizations4-42 user idle timeout, internal group policy4-22 V virtual cluster6-2 IP address6-1 master6-1 VPN access hours, configuring4-19 VPN hardware clients, configuring4-33 W Web Type ACL, managing4-47 WebVPN2-15 enabling2-8 single sign-on7-1 WebVPN application access, enabling4-43 WebVPN group policy attributes, configuring4-37 WebVPN tab attributes, configuring4-38 WINS servers, as IPSec backup servers4-29 WINS servers, internal group policy4-22
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.