Cisco Systems OL-5532-02 Simultaneous, Logins Min Password, Length Allow Alphabetic, Strip Realm


Chapter 4 Remote Access VPN Services

Creating Remote Access VPN Policies

Figure 4-19 The Remote Access VPN Policy – VPN 3000 Editor Page

 

Step 2

Follow the instructions in Table 4-8 to enter VPN 3000-specific parameters.

 

 

Table 4-8 VPN 3000 Editor Fields

| Field Name | Type | Instructions |
| --- | --- | --- |
| Simultaneous Logins | text box | Enter the number of simultaneous logins for this group. |
| Min Password Length | text box | Enter the minimum password length for users in this group. |
| Allow Alphabetic Only Passwords | checkbox | Select whether to allow users with alphabetic-only passwords to be added to this group. |
| Strip Realm | checkbox | Check the Strip Realm checkbox to remove the realm qualifier of the user name during authentication. When enabled, authentication is based on the username alone. Otherwise, authentication is based on the full username@realm string. You must enable this option if your server is unable to parse delimiters. |
| Idle Timeout | text box | Enter the idle timeout in minutes for this group. |
| Max Connect Time | text box | Enter the maximum connection time in minutes for this group. |
| IKE Peer Identity | drop-down list | Select whether or not to validate the identity of the peer using the peer device certificate. |
| IKE Keepalives | checkbox | Check to enable the use of IKE keepalives for members of this group. |
| Authentication on Rekey | checkbox | Check to re-authenticate the user on an IKE (Phase-1) rekey. |

Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 
