AppendixB Site-to-Site VPN User Interface Reference
Site to Site VPN Policies
B-76
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
Group Policy The group policy to be appliedto the tunnelgroup. A group policy
is a collection of user-oriented attribute/value pairs stored either
internally on the device or externally on a RADIUS/LDAP server.
Click Select to open a dialog box that lists all availableASA group
policies, and in which you can create an ASA group policy object.
For more information, see Working with ASA User Groups,
page 8-45.
AAA
Authentication Server Group The name of the authentication server group(LOCAL if thetunnel
group is configured on the local device).
You can clickSelect to open a dialog box that lists all available
AAA server groups, and in which you can create AAA servergroup
objects. For more information, see Working with AAA Server
Group Objects, page 8-6.
Note If you want to set the authentication server group per
interface, click the Advanced tab.
User LOCAL if Server Group
fails Available if you selected LOCAL for the authentication server
group.
When selected, enables fallback to the local database for
authentication if the selected authentication server group fails.
Authorization Server Group The name of the authorization server group (LOCAL if the tunnel
group is configured on the local device).
You can clickSelect to open a dialog box that lists all available
AAA server groups, and in which you can create AAA servergroup
objects. For more information, see Working with AAA Server
Group Objects, page 8-6.
User must exist in the
authorization database to
connect
Whenselected, specifies that the username of the remote client must
exist in the database so a successful connection can be established.
Ifthe username does not exist in the authorization database, then the
connection is denied.
TableB-25 Easy VPN Server> TunnelGroup Policy(PIX 7.0/ASA) Page> General Tab
Element Description