Cisco Systems OL-5532-02 manual Defining Address Pools, Remote Access VPN Policy Address Pools


Chapter 4 Remote Access VPN Services

Creating Remote Access VPN Policies

Note: You can click Finish on any of the Remote Access VPN Policy pages. When you click Finish, the unedited policy parameters take the default settings provided by ISC, and ISC saves the policy to your repository.

Defining Address Pools

In this section, you create the IP address pools that remote clients use to establish IPsec tunnels to the private site. Remote clients are assigned an inside IP address from these pools.

Step 1 From the Remote Access VPN Policy – General Editor page, click Address Pools. The Remote Access VPN Policy – Address Pools page appears as shown in Figure 4-8.

Note: From the ISC home page, you can navigate to this page by clicking Service Design > Policies > Create > IPsec Policy > Remote Access VPN Policy, entering values in the Remote Access VPN Policy – General Editor, and then clicking Next.

Figure 4-8 The Remote Access VPN Policy – Address Pools Page

Step 2 Click Create to add the remote access IP address pool. The Address Pools dialog box appears as shown in Figure 4-9.

Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2
