21-15
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter21 Cisco IOS SSL VPN
Creating an SSL VPN Connection
Full Tunnel
Full tunnel clients must download the full tunnel software and obtain an IP
address from the router. Use this window to configure the IP address pool that fu ll
tunnel clients will draw from when they log in and to specify the location of the
full tunnel install bundle.
Note If the software install bundle is not already installed, there must be sufficient
memory in router flash for Cisco SDM to install it after you complete this wizard.

Enable Full Tunnel Checkbox

Check to allow the router to download the full tunnel client software to the user’s
PC, and to enable the other fields in this window.

IP Address Pool

Specify the IP address pool that full tunnel clients will draw from. You can enter
the name of an existing pool in the field, or you can click the button to the right
of the field and choose Select an existing IP pool to browse the list of pools,
Choose Create a new pool and complete the dialog that is displayed to create a
new pool. The address pool that you choose or create must contain addresses in
the corporate intranet.

Keep the Full Tunnel Client software installed on client’s PC Checkbox

Check if you want the Full Tunnel software to remain on the client’s PC after they
have logged off. If you do not check this checkbox, clients download the software
each time they establish communication with the gateway.

Install Full Tunnel Client Checkbox

Check if you want to install the full tunnel client software at this time. You can
also install the client software when editing this CiscoIOS SSL VPN.
The full tunnel client software must be installed on the router so that clients can
download it to establish full-tunnel connectivity. If the Full Tunnel software was
installed along with Cisco SDM, the path to it automatically appears in the
Location field, as shown in Example 21-1.