Cisco Systems OL-5532-02 manual Remote Access, Policies, AAA Servers, CPEs

Page 27

Chapter 4 Remote Access VPN Services

Creating Remote Access VPN Service Requests

Table 4-11 IPsec Remote Access Service Editor Fields (continued)

Field Name

Type

Instructions

 

 

 

Remote Access

list

Specify the remote access policy to use in this service request by clicking Select. The

Policies

 

Policy for Remote Access Service page appears as shown in Figure 4-26. Choose the

 

 

policy and click Select. You can select multiple remote access policies. Each Remote

 

 

Access Policy defines a user group, and using multiple remote access policies in the

 

 

same service request enables you to configure multiple user groups on the same CPE

 

 

device.

 

 

Figure 4-26 The Policy for Remote Access Service Page

 

 

 

AAA Servers

list

Specify the AAA server by clicking Select. The AAA Server for Remote Access

 

 

Service page appears as shown in Figure 4-27. Choose the AAA server and click

 

 

Select. You can select multiple AAA servers, for example, if you are using different

 

 

servers for authentication and accounting or to configure backup AAA servers.

 

 

(Optional) AAA Server interface – Specify an IP address of an interface to use for

 

 

all outgoing RADIUS packets. Choose the AAA server Interface and click Select.

 

 

Figure 4-27 The AAA Server for Remote Access Service Page

 

 

 

CPEs

row

Continue to Step 4 for instructions on how to add CPE devices to your service

 

 

request.

 

 

 

Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2

 

OL-5532-02

4-27

 

 

 

Page 26 Page 28
Image 27
Page 26 Page 28
Contents Remote Access VPN Services Adding AAA Server Devices to Your Repository AAA Servers IP Address TimeoutName Owner Select buttonCreating Encryption Policies Policies Click Remote Access VPN PolicyRemote Access VPN Policy General Editor Use Mode Group PasswordConfirm Password XAuth TimeoutIKE NAT Keepalive AuthenticationDefault Domain NAT TraversalDefining Address Pools Remote Access VPN Policy Address PoolsStarting Address Ending AddressNet Mask Defining Split Tunneling Networks Optional 11 Remote Access VPN Policy Split Tunneling Network ListCreate Split TunnelingPolicy Generate14 The Everything Option for Split Tunneling Defining the Remote Access User List OptionalUser ID PasswordSA Idle Timeout Enabled SA Idle TimeoutDefining Cisco IOS Software-Specific Parameters Group Lock Defining PIX Firewall-Specific ParametersReverse Route InjectionSysopt Connection Idle TimeoutDefining VPN 3000-Specific Parameters Max Connect TimeSimultaneous Logins Min PasswordOnly Passwords Authentication onDefining the VPN 3000 Access Hours End Time Defining the VPN 3000 L2TP ParametersControl Start TimeRequire Stateless Use Client AddressL2TP Compression RequiredSummary MSCHAPv1MSCHAPv2 23 The Policies Page with Policy Status Displayed Creating Remote Access VPN Service Requests Network-based IPsecDescription CPEs Remote AccessPolicies AAA Servers29 CPEs Associated with Remote Access Service Dialog Box 31 Add/Remove Templates Dialog Box 32 The Template DataFile Chooser Active ActionOL-5532-02
Top Page Image Contents