Configuration Wizards

2

 

Using the Remote Access VPN Wizard

 

 

 

 

 

NOTE: You must have valid CA certificates imported on your security appliance before you use the digital certificates to authenticate. Go to the Device Management > Certificate Management page to import the CA certificates. See Managing Certificates for Authentication, page 418.

STEP 5 After you are finished, click Next.

Configuring WAN Settings

STEP 6 Use the WAN page to choose the WAN port that traffic passes through over the VPN tunnel. If you have two links, you can enable WAN Failover to redirect traffic to the secondary link when the primary link is down.

WAN Failover: Click On to enable WAN Failover, or click Off to disable it.

NOTE: To enable WAN Failover for IPsec Remote Access, make sure that the secondary WAN port was configured and the WAN redundancy was set as the Load Balancing or Failover mode. The security appliance will automatically update the local WAN gateway for the VPN tunnel based on the configurations of the backup WAN link. For this purpose, Dynamic DNS has to be configured because the IP address will change due to failover. In this case, remote VPN clients must use the domain name of the IPsec VPN server to establish the VPN connections.

WAN Interface: Choose the WAN port that traffic passes through over the VPN tunnel.

STEP 7 After you are finished, click Next.

Configuring Operation Mode

STEP 8 Use the Network page to configure the mode of operation. The Cisco VPN hardware client supports Network Extension Mode (NEM) and Client Mode. The IPsec Remote Access group policy must be configured with the corresponding mode to allow only the Cisco VPN hardware clients in the same operation mode to be connected.

For example, if you choose the Client mode for the IPsec Remote Access group policy, only the Cisco VPN hardware clients in Client mode can be connected by using this group policy. For more information about the operation mode, see Modes of Operation, page 365.

Mode: Choose one of the following modes:

-Client: Choose this mode for the group policy that is used for both the PC running the Cisco VPN Client software and the Cisco device that supports the Cisco VPN hardware client in Client mode. In Client mode,

Cisco ISA500 Series Integrated Security Appliances Administration Guide

56

Page 55 Page 57
Page 56
Image 56
Casio ISA550WBUN3K9 manual Configuring WAN Settings, Configuring Operation Mode
Page 55 Page 57
Top Page Image Contents