Appendix B Site-to-Site VPN User Interface Reference

Site to Site VPN Policies

Table B-26 Easy VPN Server > Tunnel Group Policy (PIX 7.0/ASA) Page > IPSec Tab (continued)

Element

Description

 

 

Authorization Settings

 

 

 

Use Entire DN as the Username

Select to use the entire Distinguished Name (DN) as the identifier

 

for the username.

 

A distinguished name (DN) is a unique identification, made up of

 

individual fields, that can be used as the identifier when matching

 

users to a tunnel group. DN rules are used for enhanced certificate

 

authentication on PIX Firewalls and ASA devices.

 

 

Specify Individual DN fields as

Select to use individual DN fields as the username when matching

the Username

users to the tunnel group.

 

A DN certificate is made up of different field identifiers to match

 

users to tunnel groups.

 

 

Primary DN field

Available if you selected to use individual DN fields as the

 

username.

 

Select the primary DN field identifier to be used for identification

 

from the list.

 

 

Secondary DN field

Available if you selected to use individual DN fields as the

 

username.

 

Select the secondary DN field indentifier to be used for

 

identification. Select None if no secondary field identifier is

 

required.

 

 

Save button

Saves your changes to the server but keeps them private.

 

Note To publish your changes, click the Submit button on the

 

toolbar.

 

 

Close button

Closes the Site-to-Site VPN window.

 

 

Help button

Opens help for this tab.

 

 

Tunnel Group Policy > Advanced Tab

Use the Advanced tab of the PIX7.0/ASA Tunnel Group Policy page to specify interface-specific information for your tunnel group.

 

User Guide for Cisco Security Manager 3.0.1

B-80

OL-8214-02

Page 80
Image 80
3D Innovations 3.0.1 appendix Tunnel Group Policy Advanced Tab