ASDM 6.0 User Guide - Index [Cisco Adaptive Security Device Manager]

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - R - S - T - U - V - W - X - Z

Index

Numerics

4GE SSM

connector types 2

fiber 2

SFP 2

802.1Q trunk 3, 5

A

AAA

about 1

authentication

CLI access 24

authorization

command 26

local database support 6

server

adding 12

types 2

support summary 3

AAA server group, add (group-policy) 6

ABR

definition of 2

Access Control Server 24

Access Group panel 2

description 2

fields 2

Accounting tab, tunnel group 66

ACE

add/edit/paste 15

Extended ACL tab 14

ACL

enabling IPSEC authenticated inbound sessions to bypass ACLs 79, 28

extended 14

for Clientless SSL VPN 41

standard 14

ACL Manager

Add/Edit/Paste ACE 15

dialog box 13

Active/Active failover

about 2

command replication 2

configuration synchronization 2

Active/Standby failover 2

ActiveX

object filtering, benefits of 6

Add/Edit Access Group dialog box 3

description 3

fields 3

Add/Edit Filtering Entry dialog box 9

description 9

fields 9

Add/Edit IGMP Join Group dialog box 4

description 4

fields 4

Add/Edit IGMP Static Group dialog box 7

description 7

fields 7

Add/Edit Multicast Group dialog box 18

description 18

fields 18

Add/Edit Multicast Route dialog box

description 8

fields 8

Add/Edit OSPF Area dialog box 5

description 5

fields 6

Add/Edit OSPF Neighbor Entry dialog box 17

description 17

fields 18

Restrictions 17

Add/Edit Periodic Time Range dialog box 16

Add/Edit Redistribution dialog box 16

description 16

fields 16

Add/Edit Rendezvous Point dialog box 16

description 16

fields 17

restrictions 17

Add/Edit Route Summarization dialog box 8

about 8

fields 8

Add/Edit SSH Configuration dialog box 5

description 5

fields 5

Add/Edit Summary Address dialog box

description 19

fields 19

Add/Edit Time Range dialog box 14

Add/Edit Virtual Link dialog box 20

description 20

fields 20

address assignment, client 66

Addresses tab 2

Address Pool panel, VPN wizard 11

address pools, tunnel group 66

Address Translation Exemption panel, VPN wizard 12

admin context

overview 1

administrative access

using ICMP for 13

Advanced DHCP Options dialog box 7

description 7

fields 7

Advanced OSPF Interface Properties dialog box 14

description 14

fields 14

Advanced OSPF Virtual Link Properties dialog box 21

description 21

fields 21

Advanced tab, tunnel group 67

AIP SSM

about 1

configuration 4

sending traffic to 6

alternate address, ICMP message 14, 15

APN, GTP application inspection 86

APPE command, denied request 80

application access

and e-mail proxy 7

and Web Access 7

configuring client applications 6

enabling cookies on browser 6

privileges 6

quitting properly 6

setting up on client 6

using e-mail 7

with IMAP client 7

application firewall 93

application inspection

about 2

applying 4

configuring 4

described 58

enabling for different protocols 27

security level requirements 4, 11

Apply button 10

Area/Networks tab 5

description 5

fields 5

area border router 2

ARP inspection

configuring 1

ARP spoofing 2

ARP table

monitoring 1

static entry 3

ASA 5505

Base license 2

client

Xauth 83

MAC addresses 4

maximum VLANs 2

power over Ethernet 4

Security Plus license 2

SPAN 4

ASBR

definition of 2

ASDM

version 15

attacks

DNS HINFO request 15

DNS request for all records 15

DNS zone transfer 15

DNS zone transfer from high port 15

fragmented ICMP traffic 14

IP fragment 12

IP impossible packet 12

large ICMP traffic 14

ping of death 14

proxied RPC request 15

statd buffer overflow 16

TCP FIN only flags 15

TCP NULL flags 14

TCP SYN+FIN flags 14

UDP bomb 15

UDP chargen DoS 15

UDP snork 15

attributes

LDAP 5

policy 2

RADIUS 19, 27

Attributes Pushed to Client panel, VPN wizard 12

attribute-value pairs

TACACS+ 34

authenticating a certificate 1

authentication

about 1

CLI access 24

Authentication tab 10

description 10

fields 10

Authentication tab, tunnel group 64

authorization

about 2

command 26

Authorization tab, tunnel group 64

Auto-MDI/MDIX 2

B

bandwidth 16

banner, view/configure 25

Basic tab

IPSec LAN-to-LAN, General tab 70

basic threat detection

See threat detection

bridging

MAC address table

learning, disabling 6

overview 4

static entry 6

management IP address 1

Browse ICMP 19

Browse Other 20

Browse Source or Destination Address 17

Browse Source or Destination Port 18

Browse Time Range 11

building blocks 1

bypass mode 21

C

CA certificate 1

CA Certificates 1

call agents

MGCP application inspection 107, 108

Cancel button 10

CDUP command, denied request 80

certificate

CA 1

code-signer 10

Identity 6

Local CA 12

certificate authentication 1

certificate enrollment 2, 6

Cisco-AV-Pair LDAP attributes 14

Cisco Client Parameters tab 25

Cisco IP Phones, application inspection 21

Cisco LDAP attributes 5

classes

See resource management

Client Access Rule, add or edit 23

Client Address Assignment 66

Client Authentication panel, VPN wizard 9

Client Configuration tab 24

Client Firewall tab 28

Clientless SSL VPN

client application requirements 2

client requirements 2

for file management 5

for network browsing 5

for web browsing 4

start-up 3

enable cookies for 6

end user set-up 1

printing and 3

remote requirements

for port forwarding 6

for using applications 6

remote system configuration and end-user requirements 3

security tips 2

supported applications 2

supported browsers 3

supported types of Internet connections 3

URL 3

username and password required 3

usernames and passwords 1

use suggestions 1

client parameters, configuring 24

Client Update, edit , Windows and VPN 3002 clients 3

Client Update window, Windows and VPN 3002 clients 1

code-signer certificate 10

command authorization

about 27

configuring 26

multiple contexts 28

configuration

context files 2

factory default 1

Configure IGMP Parameters dialog box 5

description 5

fields 5

configuring

CSC activation 8

CSC email 20

CSC file transfer 23

CSC IP address 9

CSC license 8

CSC management access 11

CSC notifications 10

CSC password 12

CSC Setup Wizard 13, 17

CSC Setup Wizard Activation Codes Configuration 14

CSC Setup Wizard Host Configuration 15

CSC Setup Wizard IP Configuration 14

CSC Setup Wizard Management Access Configuration 16

CSC Setup Wizard Password Configuration 16

CSC Setup Wizard Summary 18

CSC Setup Wizard Traffic Selection for CSC Scan 17

CSC updates 23

CSC Web 19

connections per second 16

context mode

viewing 15

contexts

See security contexts

conversion error, ICMP message 14, 15

CPU usage 16

CRL

cache refresh time 5, 6

enforce next update 6

CRL Issue 17

CSC 14

CSC activation

configuring 8

CSC CPU

monitoring 4

CSC email

configuring 20

CSC file transfer

configuring 23

CSC File Transfer panel

fields 23

CSC IP address

configuring 9

CSC license

configuring 8

CSC management access

configuring 11

CSC memory

monitoring 5

CSC notifications

configuring 10

CSC password

configuring 12

CSC security events

monitoring 2

CSC Setup Wizard 13

activation codes configuratrion 14

Host configuratrion 15

IP configuratrion 14

management access configuratrion 16

password configuratrion 16

specifying traffic for CSC Scanning 17

summary 18

traffic selection for CSC Scan 17

CSC software updates

monitoring 4

CSC SSM

getting started 3

overview 2

what to scan 5

CSC threats

monitoring 1

CSC updates

configuring 23

CSC Web

configuring 19

CSD support 10

CTIQBE

application inspection, enabling 27

D

default class 12

default configuration 1

default policy 2

default routes

defining equal cost routes 41

definition of 41

for tunneled traffic 41

default tunnel gateway 4

destination address, browse 17

destination port, browse 18

device ID, including in messages 6

Device Pass-Through 84

DHCP

configuring 4

interface IP address 11, 13, 15, 8

monitoring

interface lease 2

IP addresses 2

server 2

statistics 3

services 1

statistics 3

DHCP relay

overview 1

DHCP Relay - Add/Edit DHCP Server dialog box 3

description 3

fields 3

restrictions 3

DHCP Relay panel 1

description 1

fields 2

prerequisites 2

restrictions 1

DHCP Server panel 4

description 4

fields 4

DHCP services 1

digital certificates 1

directory hierarchy search 4

disabling content rewrite 13

DNS

application inspection, enabling 27

inspection

about 6

managing 6

rewrite, about 7

NAT effect on 13

DNS client 9

DNS HINFO request attack 15

DNS request for all records attack 15

DNS zone transfer attack 15

DNS zone transfer from high port attack 15

duplex

interface 17, 9, 13

system 17, 9

duplex, configuring 2

dynamic NAT

See NAT

E

Easy VPN

client

Xauth 83

Easy VPN, advanced properties 84

Easy VPN client 82

Easy VPN Remote 82

echo reply, ICMP message 14

ECMP 40

Edit DHCP Relay Agent Settings dialog box 3

description 3

fields 3

prerequisites 3

restrictions 3

Edit DHCP Server dialog box 6

description 6

fields 6

Edit OSPF Interface Authentication dialog box 11

description 11

fields 11

Edit OSPF Interface Properties dialog box 13

fields 13

Edit OSPF Process Advanced Properties dialog box 3

description 3

fields 3

Edit PIM Protocol dialog box 12

description 12

fields 12

e-mail proxy

and Clientless SSL VPN 7

Enable IPSec authenticated inbound sessions 79, 28

enrolling

certificate 2, 6

ESMTP

application inspection, enabling 27

established command, security level requirements 5, 11

Ethernet

Auto-MDI/MDIX 2

duplex 2

MTU 8, 16, 12, 15, 10

speed 2

extended ACL 14

external filtering server 5

External Group Policy, add or edit 5

F

factory default configuration 1

failover

about virtual MAC addresses 21

criteria 20, 28

defining standby IP addresses 18, 19

defining virtual MAC addresses 22

enable 26

enabling Active/Standby 15

enabling LAN-based 15

enabling LAN-based failover 26

enabling Stateful Failover 16

graphs 4

in multiple context mode 26

interface

system 1

key 15, 26

make active 4

make standby 4

monitoring 1

monitoring interfaces 19

redundant interfaces 2, 4

reload standby 4

reset 4, 8

stateful 3

Stateful Failover 27

stateless 3

status 1

failover groups

about 29

adding 30

editing 30

monitoring 9

reset 10

fiber interfaces 2

filtering

benefits of 5

rules 7

security level requirements 5, 11

servers supported 1

URLs 1

Filtering panel 8

benefits 8

description 8

fields 9

restrictions 8

firewall, client, configuring settings 28

firewall mode

configuring 4

overview 1

viewing 15

firewall server, Zone Labs 81

fragmentation policy, IPSec 1

fragmented ICMP traffic attack 14

FTP

application inspection

enabling 28

viewing 14, 60, 62, 69, 70, 77, 78, 87, 88, 94, 101, 104, 107, 111, 113, 114, 118

filtering option 9

FTP inspection

about 8

configuring 8

G

gateway, default tunnel gateway 4

gateways

MGCP application inspection 109

General Client Parameters tab 24

global addresses

recommendations 13

Group Policy window

add or edit, General tab 6, 10

introduction 4

IPSec tab, add or edit 21

GTP

application inspection

enabling 28

viewing 82

GTP inspection

configuring 10

H

H.323

transparent firewall guidelines 3

H.323 inspection

about 12

configuring 11

limitations 13

H225

application inspection, enabling 28

H323 RAS

application inspection, enabling 28

Hardware Client tab 30

Help button 10

HELP command, denied request 80

Help menu 7

history metrics 6

HSRP 2

HTTP

application inspection

enabling 28

viewing 93

filtering 1

benefits of 6

configuring 8

HTTP inspection

configuring 13

HTTPS

enabling access to ASDM 1

filtering option 9

I

ICMP

add group 20

application inspection, enabling 28

browse 19

rules for access to ADSM 13

ICMP Error

application inspection, enabling 28

ICMP Group 20

ICMP types

selecting 13, 14

Identity Certificates 6

IDM version 21

IGMP

access groups 2

configuring interface parameters 5

group membership 3

interface parameters 5

static group assignment 6

IGMP panel

IGMP

overview 2

IKE Policy panel, VPN wizard 4

IKE tunnels, amount 16

ILS

application inspection, enabling 28

ILS inspection 14

IM 20

information reply, ICMP message 14, 15

information request, ICMP message 14, 15

inspection engines

See application inspection

Instant Messaging inspection 20

interface

duplex 17, 9, 13

system 17, 9

failover link

system 1

IP address

DHCP 11, 13, 15, 8

management only 10, 12, 14, 8

MTU 8, 16, 12, 15, 10

name 10, 12, 14, 8

security level 10, 12, 14, 15, 8

speed 17, 9

system 17, 9

status 16

subinterface, adding 5, 6

throughput 16

Interface panel 10

interfaces

ASA 5505

MAC addresses 4

maximum VLANs 2

duplex 2

enabled status 2, 7

fiber 2

monitoring 5

redundant 3

SFP 2

speed 2

subinterfaces 5

intrusion prevention configuration 4

IP address 1

configuration 10, 12, 15, 8

configuring 9, 14, 6

interface

DHCP 11, 13, 15, 8

management, transparent firewall 1

IP audit

enabling 10

monitoring 7

signatures 11

statistics

IP audit

signature matches 1

IP fragment attack 12

IP fragment database, defaults 18

IP fragment database, editing 19

IP impossible packet attack 12

IP overlapping fragments attack 13

IPS

IP audit 10

IPS configuration 4

IPSec

Cisco VPN Client 9

fragmentation policy 1

IPSec Encryption and Authentication panel, VPN wizard 5

IPSec tab

internal group policy 21

IPSec LAN-to-LAN 72

tunnel group 67

IPSec tunnels, amount 16

IP teardrop attack 13

J

Java

applet filtering

benefits of 6

Java console 12

Join Group panel 3

description 3

fields 4

K

Kerberos

configuring 12

support 5

key pairs 7

L

large ICMP traffic attack 14

Layer 2 firewall

See transparent firewall

Layer 3/4

matching multiple policy maps 3

LDAP

AAA support 6

application inspection 14

Cisco attributes 5

Cisco-AV-pair 14

configuring 12

configuring a AAA server2to 19

directory about 3

directory search 4

hierarchy example 3

permissions policy 2

schema example 15

schema loading 18

schema planning3to 5

server configuration about 3

user authentication 6

user permissions 18

licenses

per model 2

Local CA 12

Local CA User Database 17

Local Hosts and Networks panel, VPN wizard 6

local user database

configuring 7

support 6

lockout recovery 36

logging

viewing last 10 messages 14

LSA

about Type 1 1

about Type 2 2

about Type 3 3

about Type 4 3

about Type 5 4

about Type 7 4

M

MAC address

redundant interfaces 3, 4

MAC addresses

ASA 5505 4

MAC address table 4

built-in-switch 5

learning, disabling 6

monitoring 4

overview 4

static entry 6

management traffic 10, 12, 14, 8

man-in-the-middle attack 2

mask reply, ICMP message 14, 15

mask request, ICMP message 14, 15

maximum sessions, IPSec 80

memory usage 16

menus 4

MGCP

application inspection

configuring 109

enabling 28

viewing 107

MGCP inspection

configuring 15

Microsoft client parameters, configuring 24

mobile redirection, ICMP message 14, 15

mode

bypass in IPS 21

context 9

firewall 4

model 15

Modular Policy Framework

See MPF

monitoring

ARP table 1

CSC CPU 4

CSC memory 5

CSC security events 2

CSC software updates 4

CSC threats 1

DHCP

interface lease 2

IP addresses 2

server 2

statistics 3

failover 1, 6

failover groups 9

history metrics 6

interfaces 5

MAC address table 4

routes 8

monitoring interfaces 19

monitoring switch traffic, ASA 5505 4

MPF

about 1

default policy 2

feature directionality 3

features 1

flows 3

matching multiple policy maps 3

See also class map

See also policy map

MRoute panel 11

description 7

fields 7

MTU 8, 16, 12, 15, 10

Multicast panel

description 1

fields 1

Multicast Route panel 11

multicast traffic 3

multiple mode, enabling 9

N

N2H2 filtering server 5

name resolution 9

NAT

about 1

application inspection 58

bypassing NAT

about 10

DNS 13

dynamic NAT

about 6

configuring 22

implementation 16

exemption from NAT

about 10

identity NAT

about 10

order of statements 13

PAT

about 8

configuring 22

implementation 16

policy NAT

about 10

RPC not supported with 25

same security level 12

security level requirements 5, 11

static NAT

about 8

configuring 25

static PAT

about 9

transparent mode 3

types 6

NETBIOS

application inspection, enabling 28

NetBIOS server

tab 47

Network Admission Control

uses, requirements, and limitations 23

network objects 2

New Authentication Server Group panel, VPN wizard 10

new features 1

NTLM support 5

NT server

configuring 12

support 5

O

Options menu 5

OSPF

about 1

adding an LSA filter 9

authentication settings 10

authentication support 1

configuring authentication 11

defining a static neighbor 17

defining interface properties 13

interaction with NAT 2

interface properties 10, 12

LSA filtering 8

LSAs 2

LSA types 1

monitoring LSAs 1

neighbor states 5

route redistribution 14

static neighbor 17

summary address 18

virtual links 19

OSPF area

defining 5

OSPF Neighbors panel 5

description 5

fields 5

OSPF parameters

dead interval 14

hello interval 14

retransmit interval 14

transmit delay 14

OSPF route summarization

about 7

defining 8

Outlook Web Access (OWA) and Clientless SSL VPN 7

oversubscribing resources 11

P

packet

classifier 2

packet trace, enabling 7

parameter problem, ICMP message 14, 15

password

Clientless SSL VPN 1

PAT

See also NAT

PDP context, GTP application inspection 84

PIM

interface parameters 12

overview 11

register message filter 18

rendezvous points 16

shortest path tree settings 20

ping of death attack 14

platform model 15

PoE 4

policy map

Layer 3/4

feature directionality 3

flows 3

policy NAT

about 10

Port Forwarding

configuring client applications 6

port forwarding entry 18

posture validation

uses, requirements, and limitations 23

Posture Validation Exception, add/edit 26

power over Ethernet 4

PPP tab, tunnel-group 70

PPTP

application inspection, enabling 28

Process Instances tab 3

description 3

fields 3

Properties tab 12

description 12

fields 12

Protocol Group, add 21

Protocol panel (IGMP) 5

description 5

fields 5

Protocol panel (PIM) 12

description 12

fields 12

proxied RPC request attack 15

proxy ARP, disabling 46

proxy bypass 22

proxy servers

SIP and 20

R

RADIUS

attribute policy 2

attributes 19, 27

Cisco AV pair 14

configuring a AAA server 19, 26

configuring a server 12

permissions policy 2

support 3

RAM, amount

memory, amount

RAM 15

RealPlayer 18

recurring time range, add or edit 13

redirect, ICMP message 14, 15

Redistribution panel 14

description 14

fields 15

redundant interfaces

configuring 5

failover 2, 4

MAC address 3, 4

Remote Access Client panel, VPN wizard 7

Remote Site Peer panel, VPN wizard 3

Rendezvous Points panel 16

description 16

fields 16

Request Filter panel 18

description 18

fields 18

reset

inbound connections 20

outside connections 20

Reset button 10

resource management

configuring 10

default class 12

oversubscribing 11

overview 11

unlimited 11

rewrite, disabling 13

RIP

authentication 22

definition of 22

support for 22

RIP panel 22

fields 23

limitations 22

RIP Version 2 Notes 22

RNFR command, denied request 80

RNTO command, denied request 80

routed mode

about 1

setting 4

router advertisement, ICMP message 14, 15

router solicitation, ICMP message 14, 15

Routes panel 8

description 8

fields 4, 8

Route Summarization tab 7

about 7

fields 7

Route Tree panel 20

description 20

fields 20

RPC

application inspection, enabling 29

RSH

application inspection, enabling 28

RTSP

application inspection, enabling 28

RTSP inspection

about 18

configuring 18

rules

filtering 5

ICMP 13

S

same security level communication

NAT 12

SCCP (Skinny) inspection

about 21

configuration 21

configuring 21

SDI

configuring 12

support 4

Secure Computing SmartFilter filtering server

supported 1

URL for website 1

Secure Copy panel 9

description 9

fields 10

limitations 9

Secure Shell panel

description 4

fields 5

security contexts

admin context

overview 1

cascading 7

classifier 2

command authorization 28

configuration

files 2

logging in 8

multiple mode, enabling 9

nesting or cascading 8

overview 1

resource management 11

unsupported features 2

security level

configuration 10, 12, 14, 15, 8

segment size

maximum and minimum 20

Server and URL List

add/edit 33

Server or URL

dialog box 33

Setup panel 2

about 2

signatures

attack and informational 11

single mode

backing up configuration 9

configuration 9

enabling 9

restoring 10

SIP

application inspection, enabling 29

SIP inspection

about 20

configuring 19

instant messaging 20

SITE command, denied request 80

Skinny

application inspection, enabling 28

smart tunnels 32

SMTP inspection 23

SNMP

application inspection

enabling 29

viewing 124

software

version 15, 21

source address, browse 17

source port, browse 18

source quench, ICMP message 15

source-quench, ICMP message 14

SPAN 4

specifying traffic for CSC scanning 17

speed

interface 17, 9

system 17, 9

speed, configuring 2

spoofing, preventing 19

SQLNET

application inspection, enabling 29

SSM

configuration

AIP SSM 4

CSC SSM 3

Standard Access List Rule, add/edit 28

Standard ACL tab 14

startup configuration 2

statd buffer overflow attack 16

stateful application inspection 58

Stateful Failover 3

enabling 16

Logical Updates Statistics 7, 9

settings 27

stateful failover

interface

system 1

stateless failover 3

Static Group panel 6

description 6

fields 6

static NAT

See NAT

Static Neighbor panel 17

description 17

fields 17

static PAT

See PAT

static routes

about 40

floating 40

status bar 9

stealth firewall

See transparent firewall

STOU command, denied request 80

subinterface

adding 5, 6

subinterfaces, adding 5

subordinate certificate 1

Summary Address panel 18

description 18

fields 18

Summary panel, VPN wizard 7

Sun Microsystems Java™ Runtime Environment (JRE) and Clientless SSL VPN 6

Sun Microsystems Java™ Runtime Environment (JRE) and WebVPN 19

Sun RPC inspection

about 25

configuring 24

switch MAC address table 5

switch ports

default configuration 4

SPAN 4

system

interface

duples 17, 9

failover link 1

speed 17, 9

system configuration

network settings 2

overview 1

system messages

device ID, including 6

viewing last 10 14

T

TACACS+

command authorization, configuring 31

configuring a server 12

support 4

TCP

application inspection 58

maximum segment size 20

TIME_WAIT state 20

TCP FIN only flags attack 15

TCP NULL flags attack 14

TCP Service Group, add 18

TCP SYN+FIN flags attack 14

TFTP

application inspection, enabling 29

threat detection

basic

drop types 2

enabling 2

overview 2

rate intervals 2

system performance 2

scanning

default limits, changing 4

enabling 3

host database 3

overview 3

shunning attackers 4

system performance 4

scanning statistics

enabling 4

system performance 17, 4, 5

TIME_WAIT state 20

time exceeded, ICMP message 14, 15

time range

add or edit 12

browse 11

recurring 13

timestamp reply, ICMP message 14, 15

timestamp request, ICMP message 14, 15

Tools menu 6

traceroute, enabling 6, 11

traffic usage 16

transparent firewall

about 1

guidelines 4

H.323 guidelines 3

HSRP 2

MAC address table

learning, disabling 6

overview 4

static entry 6

Management 0/0 IP address 6, 12

management IP address 1

multicast traffic 3

unsupported features 5

VRRP 2

transparent mode

NAT 3

trunk, 802.1Q 3, 5

Tunneled Management 84

tunnel gateway, default 4

Type 1 panel 1

description 1

fields 2

Type 2 panel 2

description 2

fields 2

Type 3 panel 3

description 3

fields 3

Type 4 panel 3

description 3

fields 3

Type 5 panel 4

description 4

fields 4

Type 7 panel 4

description 4

fields 5

U

UDP

application inspection 58

bomb attack 15

chargen DoS attack 15

snork attack 15

Unicast Reverse Path Forwarding 19

unreachable messages

ICMP type 14, 15

required for MTU discovery 13

uptime 15

URL

filtering

benefits of 6

configuring 8

URLs

filtering 1

filtering, configuration 4

User Accounts panel, VPN wizard 11

username

adding 7

Clientless SSL VPN 1

Xauth for Easy VPN client 83

V

version

ASDM 15

IPS software 21

platform software 15

View/Config Banner 25

virtual firewalls

See security contexts

Virtual Link panel 19

description 19

fields 19

virtual MAC address

defining for Active/Active failover 31

virtual MAC addresses

about 21, 32

defaults for Active/Active failover 31

defining 22

defining for Active/Standby failover 33

virtual private network

overview 2

VLANs 3, 5

802.1Q trunk 3, 5

ASA 5505

MAC addresses 4

maximum 2

subinterfaces 3, 5

VoIP

proxy servers 20

VPN

overview 1, 2

system options 79

VPN Client, IPSec attributes 9

VPN Tunnel Type panel, VPN wizard 2

VPN wizard 1

Address Pool panel 11

Address Translation Exemption panel 12

Attributes Pushed to Client panel 12

Client Authentication panel 9

IKE Policy panel 4

IPSec Encryption and AUthentication panel 5

Remote Access Client panel 7

Remote Site Peer panel 3

Summary panel 7

User Accounts panel 11

VPN Tunnel Type panel 2

VPNwizard

Local Hosts and Networks panel 6

New Authentication Server Group panel 10

VRRP 2

W

web browsing with Clientless SSL VPN 4

Websense filtering server 1, 5

WebVPN

use suggestions 2

Window menu 7

Wizards menu 7

X

Xauth, Easy VPN client 83

XDMCP

application inspection, enabling 29

Z

Zone Labs Integrity Server 81

	ASDM 6.0 User Guide
	Index
ASDM 6.0 User Guide Preface Welcome to ASDM Defining Preferences and Using Configuration, Diagnostic, and File Management Tools Before You Start Using the Startup Wizard Configuring Interfaces Configuring Interfaces in Multiple Mode Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance Adding Global Objects Configuring Security Contexts Configuring Device Settings and Management DHCP, DNS and WCCP Services Configuring AAA Servers and User Accounts Configuring Management Access High Availability Configuring Logging Configuring Dynamic And Static Routing Configuring Multicast Routing Firewall Mode Overview Configuring Access Rules Configuring EtherType Rules Configuring AAA Rules Configuring Filter Rules Configuring Service Policy Rules Configuring Application Layer Protocol Inspection Configuring NAT Configuring ARP Inspection and Bridging Parameters Configuring Advanced Firewall Protection Configuring QoS VPN SSL VPN Wizard IKE General Configuring Dynamic Access Policies Clientless SSL VPN Clientless SSL VPN End User Set-up E-Mail Proxy Configuring SSL Settings Configuring Certificates Configuring IPS Configuring Trend Micro Content Security Monitoring Logging Monitoring Trend Micro Content Security Monitoring Failover Monitoring Interfaces Monitoring Routing Monitoring VPN Monitoring Properties Feature Licenses and Specifications Configuring an External Server for Authorization and Authentication Index	Download this chapter Index Download the complete book Cisco ASDM User Guide - Whole Book PDF (PDF - 26 MB) Table Of Contents Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - R - S - T - U - V - W - X - Z Index Numerics 4GE SSM connector types 2 fiber 2 SFP 2 802.1Q trunk 3, 5 A AAA about 1 authentication CLI access 24 authorization command 26 local database support 6 server adding 12 types 2 support summary 3 AAA server group, add (group-policy) 6 ABR definition of 2 Access Control Server 24 Access Group panel 2 description 2 fields 2 Accounting tab, tunnel group 66 ACE add/edit/paste 15 Extended ACL tab 14 ACL enabling IPSEC authenticated inbound sessions to bypass ACLs 79, 28 extended 14 for Clientless SSL VPN 41 standard 14 ACL Manager Add/Edit/Paste ACE 15 dialog box 13 Active/Active failover about 2 command replication 2 configuration synchronization 2 Active/Standby failover 2 ActiveX object filtering, benefits of 6 Add/Edit Access Group dialog box 3 description 3 fields 3 Add/Edit Filtering Entry dialog box 9 description 9 fields 9 Add/Edit IGMP Join Group dialog box 4 description 4 fields 4 Add/Edit IGMP Static Group dialog box 7 description 7 fields 7 Add/Edit Multicast Group dialog box 18 description 18 fields 18 Add/Edit Multicast Route dialog box description 8 fields 8 Add/Edit OSPF Area dialog box 5 description 5 fields 6 Add/Edit OSPF Neighbor Entry dialog box 17 description 17 fields 18 Restrictions 17 Add/Edit Periodic Time Range dialog box 16 Add/Edit Redistribution dialog box 16 description 16 fields 16 Add/Edit Rendezvous Point dialog box 16 description 16 fields 17 restrictions 17 Add/Edit Route Summarization dialog box 8 about 8 fields 8 Add/Edit SSH Configuration dialog box 5 description 5 fields 5 Add/Edit Summary Address dialog box description 19 fields 19 Add/Edit Time Range dialog box 14 Add/Edit Virtual Link dialog box 20 description 20 fields 20 address assignment, client 66 Addresses tab 2 Address Pool panel, VPN wizard 11 address pools, tunnel group 66 Address Translation Exemption panel, VPN wizard 12 admin context overview 1 administrative access using ICMP for 13 Advanced DHCP Options dialog box 7 description 7 fields 7 Advanced OSPF Interface Properties dialog box 14 description 14 fields 14 Advanced OSPF Virtual Link Properties dialog box 21 description 21 fields 21 Advanced tab, tunnel group 67 AIP SSM about 1 configuration 4 sending traffic to 6 alternate address, ICMP message 14, 15 APN, GTP application inspection 86 APPE command, denied request 80 application access and e-mail proxy 7 and Web Access 7 configuring client applications 6 enabling cookies on browser 6 privileges 6 quitting properly 6 setting up on client 6 using e-mail 7 with IMAP client 7 application firewall 93 application inspection about 2 applying 4 configuring 4 described 58 enabling for different protocols 27 security level requirements 4, 11 Apply button 10 Area/Networks tab 5 description 5 fields 5 area border router 2 ARP inspection configuring 1 ARP spoofing 2 ARP table monitoring 1 static entry 3 ASA 5505 Base license 2 client Xauth 83 MAC addresses 4 maximum VLANs 2 power over Ethernet 4 Security Plus license 2 SPAN 4 ASBR definition of 2 ASDM version 15 attacks DNS HINFO request 15 DNS request for all records 15 DNS zone transfer 15 DNS zone transfer from high port 15 fragmented ICMP traffic 14 IP fragment 12 IP impossible packet 12 large ICMP traffic 14 ping of death 14 proxied RPC request 15 statd buffer overflow 16 TCP FIN only flags 15 TCP NULL flags 14 TCP SYN+FIN flags 14 UDP bomb 15 UDP chargen DoS 15 UDP snork 15 attributes LDAP 5 policy 2 RADIUS 19, 27 Attributes Pushed to Client panel, VPN wizard 12 attribute-value pairs TACACS+ 34 authenticating a certificate 1 authentication about 1 CLI access 24 Authentication tab 10 description 10 fields 10 Authentication tab, tunnel group 64 authorization about 2 command 26 Authorization tab, tunnel group 64 Auto-MDI/MDIX 2 B bandwidth 16 banner, view/configure 25 Basic tab IPSec LAN-to-LAN, General tab 70 basic threat detection See threat detection bridging MAC address table learning, disabling 6 overview 4 static entry 6 management IP address 1 Browse ICMP 19 Browse Other 20 Browse Source or Destination Address 17 Browse Source or Destination Port 18 Browse Time Range 11 building blocks 1 bypass mode 21 C CA certificate 1 CA Certificates 1 call agents MGCP application inspection 107, 108 Cancel button 10 CDUP command, denied request 80 certificate CA 1 code-signer 10 Identity 6 Local CA 12 certificate authentication 1 certificate enrollment 2, 6 Cisco-AV-Pair LDAP attributes 14 Cisco Client Parameters tab 25 Cisco IP Phones, application inspection 21 Cisco LDAP attributes 5 classes See resource management Client Access Rule, add or edit 23 Client Address Assignment 66 Client Authentication panel, VPN wizard 9 Client Configuration tab 24 Client Firewall tab 28 Clientless SSL VPN client application requirements 2 client requirements 2 for file management 5 for network browsing 5 for web browsing 4 start-up 3 enable cookies for 6 end user set-up 1 printing and 3 remote requirements for port forwarding 6 for using applications 6 remote system configuration and end-user requirements 3 security tips 2 supported applications 2 supported browsers 3 supported types of Internet connections 3 URL 3 username and password required 3 usernames and passwords 1 use suggestions 1 client parameters, configuring 24 Client Update, edit , Windows and VPN 3002 clients 3 Client Update window, Windows and VPN 3002 clients 1 code-signer certificate 10 command authorization about 27 configuring 26 multiple contexts 28 configuration context files 2 factory default 1 Configure IGMP Parameters dialog box 5 description 5 fields 5 configuring CSC activation 8 CSC email 20 CSC file transfer 23 CSC IP address 9 CSC license 8 CSC management access 11 CSC notifications 10 CSC password 12 CSC Setup Wizard 13, 17 CSC Setup Wizard Activation Codes Configuration 14 CSC Setup Wizard Host Configuration 15 CSC Setup Wizard IP Configuration 14 CSC Setup Wizard Management Access Configuration 16 CSC Setup Wizard Password Configuration 16 CSC Setup Wizard Summary 18 CSC Setup Wizard Traffic Selection for CSC Scan 17 CSC updates 23 CSC Web 19 connections per second 16 context mode viewing 15 contexts See security contexts conversion error, ICMP message 14, 15 CPU usage 16 CRL cache refresh time 5, 6 enforce next update 6 CRL Issue 17 CSC 14 CSC activation configuring 8 CSC CPU monitoring 4 CSC email configuring 20 CSC file transfer configuring 23 CSC File Transfer panel fields 23 CSC IP address configuring 9 CSC license configuring 8 CSC management access configuring 11 CSC memory monitoring 5 CSC notifications configuring 10 CSC password configuring 12 CSC security events monitoring 2 CSC Setup Wizard 13 activation codes configuratrion 14 Host configuratrion 15 IP configuratrion 14 management access configuratrion 16 password configuratrion 16 specifying traffic for CSC Scanning 17 summary 18 traffic selection for CSC Scan 17 CSC software updates monitoring 4 CSC SSM getting started 3 overview 2 what to scan 5 CSC threats monitoring 1 CSC updates configuring 23 CSC Web configuring 19 CSD support 10 CTIQBE application inspection, enabling 27 D default class 12 default configuration 1 default policy 2 default routes defining equal cost routes 41 definition of 41 for tunneled traffic 41 default tunnel gateway 4 destination address, browse 17 destination port, browse 18 device ID, including in messages 6 Device Pass-Through 84 DHCP configuring 4 interface IP address 11, 13, 15, 8 monitoring interface lease 2 IP addresses 2 server 2 statistics 3 services 1 statistics 3 DHCP relay overview 1 DHCP Relay - Add/Edit DHCP Server dialog box 3 description 3 fields 3 restrictions 3 DHCP Relay panel 1 description 1 fields 2 prerequisites 2 restrictions 1 DHCP Server panel 4 description 4 fields 4 DHCP services 1 digital certificates 1 directory hierarchy search 4 disabling content rewrite 13 DNS application inspection, enabling 27 inspection about 6 managing 6 rewrite, about 7 NAT effect on 13 DNS client 9 DNS HINFO request attack 15 DNS request for all records attack 15 DNS zone transfer attack 15 DNS zone transfer from high port attack 15 duplex interface 17, 9, 13 system 17, 9 duplex, configuring 2 dynamic NAT See NAT E Easy VPN client Xauth 83 Easy VPN, advanced properties 84 Easy VPN client 82 Easy VPN Remote 82 echo reply, ICMP message 14 ECMP 40 Edit DHCP Relay Agent Settings dialog box 3 description 3 fields 3 prerequisites 3 restrictions 3 Edit DHCP Server dialog box 6 description 6 fields 6 Edit OSPF Interface Authentication dialog box 11 description 11 fields 11 Edit OSPF Interface Properties dialog box 13 fields 13 Edit OSPF Process Advanced Properties dialog box 3 description 3 fields 3 Edit PIM Protocol dialog box 12 description 12 fields 12 e-mail proxy and Clientless SSL VPN 7 Enable IPSec authenticated inbound sessions 79, 28 enrolling certificate 2, 6 ESMTP application inspection, enabling 27 established command, security level requirements 5, 11 Ethernet Auto-MDI/MDIX 2 duplex 2 MTU 8, 16, 12, 15, 10 speed 2 extended ACL 14 external filtering server 5 External Group Policy, add or edit 5 F factory default configuration 1 failover about virtual MAC addresses 21 criteria 20, 28 defining standby IP addresses 18, 19 defining virtual MAC addresses 22 enable 26 enabling Active/Standby 15 enabling LAN-based 15 enabling LAN-based failover 26 enabling Stateful Failover 16 graphs 4 in multiple context mode 26 interface system 1 key 15, 26 make active 4 make standby 4 monitoring 1 monitoring interfaces 19 redundant interfaces 2, 4 reload standby 4 reset 4, 8 stateful 3 Stateful Failover 27 stateless 3 status 1 failover groups about 29 adding 30 editing 30 monitoring 9 reset 10 fiber interfaces 2 filtering benefits of 5 rules 7 security level requirements 5, 11 servers supported 1 URLs 1 Filtering panel 8 benefits 8 description 8 fields 9 restrictions 8 firewall, client, configuring settings 28 firewall mode configuring 4 overview 1 viewing 15 firewall server, Zone Labs 81 fragmentation policy, IPSec 1 fragmented ICMP traffic attack 14 FTP application inspection enabling 28 viewing 14, 60, 62, 69, 70, 77, 78, 87, 88, 94, 101, 104, 107, 111, 113, 114, 118 filtering option 9 FTP inspection about 8 configuring 8 G gateway, default tunnel gateway 4 gateways MGCP application inspection 109 General Client Parameters tab 24 global addresses recommendations 13 Group Policy window add or edit, General tab 6, 10 introduction 4 IPSec tab, add or edit 21 GTP application inspection enabling 28 viewing 82 GTP inspection configuring 10 H H.323 transparent firewall guidelines 3 H.323 inspection about 12 configuring 11 limitations 13 H225 application inspection, enabling 28 H323 RAS application inspection, enabling 28 Hardware Client tab 30 Help button 10 HELP command, denied request 80 Help menu 7 history metrics 6 HSRP 2 HTTP application inspection enabling 28 viewing 93 filtering 1 benefits of 6 configuring 8 HTTP inspection configuring 13 HTTPS enabling access to ASDM 1 filtering option 9 I ICMP add group 20 application inspection, enabling 28 browse 19 rules for access to ADSM 13 ICMP Error application inspection, enabling 28 ICMP Group 20 ICMP types selecting 13, 14 Identity Certificates 6 IDM version 21 IGMP access groups 2 configuring interface parameters 5 group membership 3 interface parameters 5 static group assignment 6 IGMP panel IGMP overview 2 IKE Policy panel, VPN wizard 4 IKE tunnels, amount 16 ILS application inspection, enabling 28 ILS inspection 14 IM 20 information reply, ICMP message 14, 15 information request, ICMP message 14, 15 inspection engines See application inspection Instant Messaging inspection 20 interface duplex 17, 9, 13 system 17, 9 failover link system 1 IP address DHCP 11, 13, 15, 8 management only 10, 12, 14, 8 MTU 8, 16, 12, 15, 10 name 10, 12, 14, 8 security level 10, 12, 14, 15, 8 speed 17, 9 system 17, 9 status 16 subinterface, adding 5, 6 throughput 16 Interface panel 10 interfaces ASA 5505 MAC addresses 4 maximum VLANs 2 duplex 2 enabled status 2, 7 fiber 2 monitoring 5 redundant 3 SFP 2 speed 2 subinterfaces 5 intrusion prevention configuration 4 IP address 1 configuration 10, 12, 15, 8 configuring 9, 14, 6 interface DHCP 11, 13, 15, 8 management, transparent firewall 1 IP audit enabling 10 monitoring 7 signatures 11 statistics IP audit signature matches 1 IP fragment attack 12 IP fragment database, defaults 18 IP fragment database, editing 19 IP impossible packet attack 12 IP overlapping fragments attack 13 IPS IP audit 10 IPS configuration 4 IPSec Cisco VPN Client 9 fragmentation policy 1 IPSec Encryption and Authentication panel, VPN wizard 5 IPSec tab internal group policy 21 IPSec LAN-to-LAN 72 tunnel group 67 IPSec tunnels, amount 16 IP teardrop attack 13 J Java applet filtering benefits of 6 Java console 12 Join Group panel 3 description 3 fields 4 K Kerberos configuring 12 support 5 key pairs 7 L large ICMP traffic attack 14 Layer 2 firewall See transparent firewall Layer 3/4 matching multiple policy maps 3 LDAP AAA support 6 application inspection 14 Cisco attributes 5 Cisco-AV-pair 14 configuring 12 configuring a AAA server2to 19 directory about 3 directory search 4 hierarchy example 3 permissions policy 2 schema example 15 schema loading 18 schema planning3to 5 server configuration about 3 user authentication 6 user permissions 18 licenses per model 2 Local CA 12 Local CA User Database 17 Local Hosts and Networks panel, VPN wizard 6 local user database configuring 7 support 6 lockout recovery 36 logging viewing last 10 messages 14 LSA about Type 1 1 about Type 2 2 about Type 3 3 about Type 4 3 about Type 5 4 about Type 7 4 M MAC address redundant interfaces 3, 4 MAC addresses ASA 5505 4 MAC address table 4 built-in-switch 5 learning, disabling 6 monitoring 4 overview 4 static entry 6 management traffic 10, 12, 14, 8 man-in-the-middle attack 2 mask reply, ICMP message 14, 15 mask request, ICMP message 14, 15 maximum sessions, IPSec 80 memory usage 16 menus 4 MGCP application inspection configuring 109 enabling 28 viewing 107 MGCP inspection configuring 15 Microsoft client parameters, configuring 24 mobile redirection, ICMP message 14, 15 mode bypass in IPS 21 context 9 firewall 4 model 15 Modular Policy Framework See MPF monitoring ARP table 1 CSC CPU 4 CSC memory 5 CSC security events 2 CSC software updates 4 CSC threats 1 DHCP interface lease 2 IP addresses 2 server 2 statistics 3 failover 1, 6 failover groups 9 history metrics 6 interfaces 5 MAC address table 4 routes 8 monitoring interfaces 19 monitoring switch traffic, ASA 5505 4 MPF about 1 default policy 2 feature directionality 3 features 1 flows 3 matching multiple policy maps 3 See also class map See also policy map MRoute panel 11 description 7 fields 7 MTU 8, 16, 12, 15, 10 Multicast panel description 1 fields 1 Multicast Route panel 11 multicast traffic 3 multiple mode, enabling 9 N N2H2 filtering server 5 name resolution 9 NAT about 1 application inspection 58 bypassing NAT about 10 DNS 13 dynamic NAT about 6 configuring 22 implementation 16 exemption from NAT about 10 identity NAT about 10 order of statements 13 PAT about 8 configuring 22 implementation 16 policy NAT about 10 RPC not supported with 25 same security level 12 security level requirements 5, 11 static NAT about 8 configuring 25 static PAT about 9 transparent mode 3 types 6 NETBIOS application inspection, enabling 28 NetBIOS server tab 47 Network Admission Control uses, requirements, and limitations 23 network objects 2 New Authentication Server Group panel, VPN wizard 10 new features 1 NTLM support 5 NT server configuring 12 support 5 O Options menu 5 OSPF about 1 adding an LSA filter 9 authentication settings 10 authentication support 1 configuring authentication 11 defining a static neighbor 17 defining interface properties 13 interaction with NAT 2 interface properties 10, 12 LSA filtering 8 LSAs 2 LSA types 1 monitoring LSAs 1 neighbor states 5 route redistribution 14 static neighbor 17 summary address 18 virtual links 19 OSPF area defining 5 OSPF Neighbors panel 5 description 5 fields 5 OSPF parameters dead interval 14 hello interval 14 retransmit interval 14 transmit delay 14 OSPF route summarization about 7 defining 8 Outlook Web Access (OWA) and Clientless SSL VPN 7 oversubscribing resources 11 P packet classifier 2 packet trace, enabling 7 parameter problem, ICMP message 14, 15 password Clientless SSL VPN 1 PAT See also NAT PDP context, GTP application inspection 84 PIM interface parameters 12 overview 11 register message filter 18 rendezvous points 16 shortest path tree settings 20 ping of death attack 14 platform model 15 PoE 4 policy map Layer 3/4 feature directionality 3 flows 3 policy NAT about 10 Port Forwarding configuring client applications 6 port forwarding entry 18 posture validation uses, requirements, and limitations 23 Posture Validation Exception, add/edit 26 power over Ethernet 4 PPP tab, tunnel-group 70 PPTP application inspection, enabling 28 Process Instances tab 3 description 3 fields 3 Properties tab 12 description 12 fields 12 Protocol Group, add 21 Protocol panel (IGMP) 5 description 5 fields 5 Protocol panel (PIM) 12 description 12 fields 12 proxied RPC request attack 15 proxy ARP, disabling 46 proxy bypass 22 proxy servers SIP and 20 R RADIUS attribute policy 2 attributes 19, 27 Cisco AV pair 14 configuring a AAA server 19, 26 configuring a server 12 permissions policy 2 support 3 RAM, amount memory, amount RAM 15 RealPlayer 18 recurring time range, add or edit 13 redirect, ICMP message 14, 15 Redistribution panel 14 description 14 fields 15 redundant interfaces configuring 5 failover 2, 4 MAC address 3, 4 Remote Access Client panel, VPN wizard 7 Remote Site Peer panel, VPN wizard 3 Rendezvous Points panel 16 description 16 fields 16 Request Filter panel 18 description 18 fields 18 reset inbound connections 20 outside connections 20 Reset button 10 resource management configuring 10 default class 12 oversubscribing 11 overview 11 unlimited 11 rewrite, disabling 13 RIP authentication 22 definition of 22 support for 22 RIP panel 22 fields 23 limitations 22 RIP Version 2 Notes 22 RNFR command, denied request 80 RNTO command, denied request 80 routed mode about 1 setting 4 router advertisement, ICMP message 14, 15 router solicitation, ICMP message 14, 15 Routes panel 8 description 8 fields 4, 8 Route Summarization tab 7 about 7 fields 7 Route Tree panel 20 description 20 fields 20 RPC application inspection, enabling 29 RSH application inspection, enabling 28 RTSP application inspection, enabling 28 RTSP inspection about 18 configuring 18 rules filtering 5 ICMP 13 S same security level communication NAT 12 SCCP (Skinny) inspection about 21 configuration 21 configuring 21 SDI configuring 12 support 4 Secure Computing SmartFilter filtering server supported 1 URL for website 1 Secure Copy panel 9 description 9 fields 10 limitations 9 Secure Shell panel description 4 fields 5 security contexts admin context overview 1 cascading 7 classifier 2 command authorization 28 configuration files 2 logging in 8 multiple mode, enabling 9 nesting or cascading 8 overview 1 resource management 11 unsupported features 2 security level configuration 10, 12, 14, 15, 8 segment size maximum and minimum 20 Server and URL List add/edit 33 Server or URL dialog box 33 Setup panel 2 about 2 signatures attack and informational 11 single mode backing up configuration 9 configuration 9 enabling 9 restoring 10 SIP application inspection, enabling 29 SIP inspection about 20 configuring 19 instant messaging 20 SITE command, denied request 80 Skinny application inspection, enabling 28 smart tunnels 32 SMTP inspection 23 SNMP application inspection enabling 29 viewing 124 software version 15, 21 source address, browse 17 source port, browse 18 source quench, ICMP message 15 source-quench, ICMP message 14 SPAN 4 specifying traffic for CSC scanning 17 speed interface 17, 9 system 17, 9 speed, configuring 2 spoofing, preventing 19 SQLNET application inspection, enabling 29 SSM configuration AIP SSM 4 CSC SSM 3 Standard Access List Rule, add/edit 28 Standard ACL tab 14 startup configuration 2 statd buffer overflow attack 16 stateful application inspection 58 Stateful Failover 3 enabling 16 Logical Updates Statistics 7, 9 settings 27 stateful failover interface system 1 stateless failover 3 Static Group panel 6 description 6 fields 6 static NAT See NAT Static Neighbor panel 17 description 17 fields 17 static PAT See PAT static routes about 40 floating 40 status bar 9 stealth firewall See transparent firewall STOU command, denied request 80 subinterface adding 5, 6 subinterfaces, adding 5 subordinate certificate 1 Summary Address panel 18 description 18 fields 18 Summary panel, VPN wizard 7 Sun Microsystems Java™ Runtime Environment (JRE) and Clientless SSL VPN 6 Sun Microsystems Java™ Runtime Environment (JRE) and WebVPN 19 Sun RPC inspection about 25 configuring 24 switch MAC address table 5 switch ports default configuration 4 SPAN 4 system interface duples 17, 9 failover link 1 speed 17, 9 system configuration network settings 2 overview 1 system messages device ID, including 6 viewing last 10 14 T TACACS+ command authorization, configuring 31 configuring a server 12 support 4 TCP application inspection 58 maximum segment size 20 TIME_WAIT state 20 TCP FIN only flags attack 15 TCP NULL flags attack 14 TCP Service Group, add 18 TCP SYN+FIN flags attack 14 TFTP application inspection, enabling 29 threat detection basic drop types 2 enabling 2 overview 2 rate intervals 2 system performance 2 scanning default limits, changing 4 enabling 3 host database 3 overview 3 shunning attackers 4 system performance 4 scanning statistics enabling 4 system performance 17, 4, 5 TIME_WAIT state 20 time exceeded, ICMP message 14, 15 time range add or edit 12 browse 11 recurring 13 timestamp reply, ICMP message 14, 15 timestamp request, ICMP message 14, 15 Tools menu 6 traceroute, enabling 6, 11 traffic usage 16 transparent firewall about 1 guidelines 4 H.323 guidelines 3 HSRP 2 MAC address table learning, disabling 6 overview 4 static entry 6 Management 0/0 IP address 6, 12 management IP address 1 multicast traffic 3 unsupported features 5 VRRP 2 transparent mode NAT 3 trunk, 802.1Q 3, 5 Tunneled Management 84 tunnel gateway, default 4 Type 1 panel 1 description 1 fields 2 Type 2 panel 2 description 2 fields 2 Type 3 panel 3 description 3 fields 3 Type 4 panel 3 description 3 fields 3 Type 5 panel 4 description 4 fields 4 Type 7 panel 4 description 4 fields 5 U UDP application inspection 58 bomb attack 15 chargen DoS attack 15 snork attack 15 Unicast Reverse Path Forwarding 19 unreachable messages ICMP type 14, 15 required for MTU discovery 13 uptime 15 URL filtering benefits of 6 configuring 8 URLs filtering 1 filtering, configuration 4 User Accounts panel, VPN wizard 11 username adding 7 Clientless SSL VPN 1 Xauth for Easy VPN client 83 V version ASDM 15 IPS software 21 platform software 15 View/Config Banner 25 virtual firewalls See security contexts Virtual Link panel 19 description 19 fields 19 virtual MAC address defining for Active/Active failover 31 virtual MAC addresses about 21, 32 defaults for Active/Active failover 31 defining 22 defining for Active/Standby failover 33 virtual private network overview 2 VLANs 3, 5 802.1Q trunk 3, 5 ASA 5505 MAC addresses 4 maximum 2 subinterfaces 3, 5 VoIP proxy servers 20 VPN overview 1, 2 system options 79 VPN Client, IPSec attributes 9 VPN Tunnel Type panel, VPN wizard 2 VPN wizard 1 Address Pool panel 11 Address Translation Exemption panel 12 Attributes Pushed to Client panel 12 Client Authentication panel 9 IKE Policy panel 4 IPSec Encryption and AUthentication panel 5 Remote Access Client panel 7 Remote Site Peer panel 3 Summary panel 7 User Accounts panel 11 VPN Tunnel Type panel 2 VPNwizard Local Hosts and Networks panel 6 New Authentication Server Group panel 10 VRRP 2 W web browsing with Clientless SSL VPN 4 Websense filtering server 1, 5 WebVPN use suggestions 2 Window menu 7 Wizards menu 7 X Xauth, Easy VPN client 83 XDMCP application inspection, enabling 29 Z Zone Labs Integrity Server 81
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.