21-5
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter21 Cisco IOS SSL VPN
Creating an SSL VPN Connection
that enables you to complete the missing configuration. When all prerequisite
configurations are complete, you can return to this window and st art configuring
Cisco IOS SSLVPN.
Cisco SDM enables AAA without user input. Cisco SDM can help you generate
public and private keys for the router, and enroll them with a certification
authority to obtain digital certificates. See Public Key Infrastructure for more
information. Alternatively, you can configure a persistent self-signed certificate
that does not require approval by a CA. For more information on the persistent
self-signed certificate feature, see the information at this link:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_gui
de09186a008040adf0.html#wp1066623
Make sure that the entire URL is present in the link field in your browser.
Create a new SSL VPN
Select this option to create a new CiscoIOS SSL VPN configuration. This wizard
enables you to create a CiscoI OS SSL VPN with one user policy and a limited set
of features. After you complete this wizard, you can use the other wizards to
configure addition policies and features for the Cisco IOS SSL VPN. You can
return to this wizard to create additional CiscoIOS SSL VPN configurations.
When you use Cisco SDM to create the first CiscoIOS SSL VPN configuration
on a router, you create a CiscoIOS SSL VPN context, configure a gateway, and
create a group policy. After you complete the wizard, click Edit SSL VPN to view
the configuration and familiarize yourself with how CiscoIOS SSL VPN
components work together. For information that will help you understand what
you see, click Cisco IOS SSLVPN Contexts, Gateways, and Policies.
Add a new policy to an existing SSL VPN for a new group of users
Select this option to add a new policy to an existing CiscoIOS SSL VPN
configuration for a new group of users. Multiple policies allow you to define
separate sets of capabilities for different groups of users. For example, you might
define a policy for engineering, and a separate policy for sales.
Configure advanced features for an existing SSL VPN
Select this option to configure additional features for an existing CiscoIOS SSL
VPN policy. You must specify the context under which this policy is configured.