AppendixB Site-to-Site VPN User Interface Reference
Site to Site VPN Policies
B-80
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
Tunnel Group Policy > Advanced TabUse the Advanced tab of the PIX7.0/ASATunnel Group Policy page to specify
interface-specific information for your tunnel group.
Authorization Settings
Use Entire DN as the Username Select to use the entire Distinguished Name (DN) as the identifier
for the username.
A distinguished name (DN) is a unique identification, made up of
individual fields, that can be used as the identifier when matching
users to a tunnel group. DN rules are used for enhanced certificate
authentication on PIX Firewalls and ASA devices.
Specify Individual DN fields as
the Username Select to use individual DN fields as the username when matching
users to the tunnel group.
A DN certificate is made up of different field identifiers to match
users to tunnel groups.
Primary DN field Available if you selected to use individual DN fields as the
username.
Select the primary DN field identifier to be used for identification
from the list.
Secondary DN field Available if you selected to use individual DN fields as the
username.
Select the secondary DN field indentifier to be used for
identification. Select None if no secondary field identifier is
required.
Save button Saves your changes to the server but keeps them private.
Note To publish your changes, click theSubmit button on the
toolbar.
Close button Closes the Site-to-Site VPN window.
Help button Opens help for this tab.
TableB-26 Easy VPN Server> TunnelGroup Policy(PIX 7.0/ASA) Page> IPSec Tab (continued)
Element Description