Chapter 4 Remote Access VPN Services
Creating Remote Access VPN Policies
Table
Field Name |
| Type | Instructions |
|
|
|
|
|
|
Reverse Route |
| checkbox | Check to enable reverse route injection (RRI). RRI injects the host route into the | |
Injection |
|
| routing table for the IP address that was allocated out of the remote access address | |
|
|
| pool. (RRI uses the host address as the route destination in the route entry of the | |
|
|
| routing table.) This allows the creation of a static route for a remote, protected | |
|
|
| network. | |
|
|
| This feature is also used for | |
|
|
| on | |
|
|
| VPN Management Suite | |
|
|
|
|
|
Reverse Route |
| checkbox | To enable this option, you must first check Reverse Route Injection and then you | |
Remote Peer |
|
| can check Reverse Route Remote Peer, as shown in Figure | |
|
|
| Route Remote Peer option creates a route in the routing table for the remote tunnel | |
|
|
| endpoint. | |
|
|
|
|
|
Group Lock |
| checkbox | The Group Lock option ties user group membership to IKE negotiation user | |
|
|
| authentication during XAuth. Check the box to enable. Uncheck the box to disable | |
|
|
| this option. | |
|
|
|
|
|
Step 3 | Click Next to continue to the Remote Access VPN Policy – PIX Firewall Editor page as described in the | |||
| “Defining PIX | |||
|
|
|
|
|
Defining PIX Firewall-Specific Parameters
Perform the following steps if you are provisioning remote access on Cisco PIX security appliances in your network:
Step 1 The Remote Access VPN Policy – PIX Firewall Editor page appears as shown in Figure
Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2
|
| ||
|
|