Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter 21 Cisco IOS SSL VPN
Editing SSL VPN Connections
Designate Inside and Outside Interfaces
An ACL that is applied to an interface on which a Cisco IOS SSL VPN connection
is configured may block the SSL traffic. Cisco SDM can automatically modify the
ACL to allow this traffic to pass through the firewall. However, you must indicate
which interface is the inside (trusted) interface and which is the outside
(untrusted) interface so that Cisco SDM can create the Access Control Entry (ACE)
that will allow the appropriate traffic to pass through the firewall.
Check Inside if the listed interface is a trusted interface, and check Outside if it
is an untrusted interface.
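
The following added example (not part of the Cisco guide and not SDM's own logic) shows one way to check offline whether an inbound ACL on the outside interface would block SSL VPN clients, by applying first-match evaluation to a saved configuration. It assumes the gateway listens on TCP port 443; the interface name, ACL name, addresses and the helper functions `inbound_acl` and `first_match` are hypothetical.

```python
import ipaddress

# Constructed sample config (not from the guide): hypothetical names, RFC 5737 addresses.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ip access-group OUTSIDE-IN in
ip access-list extended OUTSIDE-IN
 permit tcp any host 192.0.2.1 eq 22
 permit tcp 198.51.100.0 0.0.0.255 host 192.0.2.1 eq 443
 deny ip any any
"""

def _addr(tokens):
    """Consume one address spec (any | host A | A WILDCARD); return a matcher."""
    head = tokens.pop(0)
    if head == "any":
        return lambda ip: True
    addr, wild = (tokens.pop(0), "0.0.0.0") if head == "host" else (head, tokens.pop(0))
    base, mask = int(ipaddress.ip_address(addr)), int(ipaddress.ip_address(wild))
    # Bits set in the wildcard mask are ignored when comparing addresses.
    return lambda ip: (int(ip) | mask) == (base | mask)

def inbound_acl(config, interface):
    """Return the name of the ACL applied inbound on `interface`, or None."""
    current = None
    for line in config.splitlines():
        t = line.split()
        if line.startswith("interface "):
            current = t[1]
        elif not line.startswith(" "):
            current = None
        elif current == interface and t[:2] == ["ip", "access-group"] and t[-1] == "in":
            return t[2]
    return None

def first_match(config, acl, src, dst, port=443):
    """First-match verdict for TCP src -> dst:port; only 'eq' destination ports are modelled."""
    src, dst, inside = ipaddress.ip_address(src), ipaddress.ip_address(dst), False
    for line in config.splitlines():
        t = line.split()
        if not line.startswith(" "):
            inside = t == ["ip", "access-list", "extended", acl]
        elif inside and t and t[0] in ("permit", "deny"):
            proto, rest = t[1], t[2:]
            src_ok, dst_ok = _addr(rest)(src), _addr(rest)(dst)
            port_ok = rest[:1] != ["eq"] or rest[1] == str(port)
            if proto in ("ip", "tcp") and src_ok and dst_ok and port_ok:
                return t[0]
    return "deny"  # implicit deny at the end of every ACL
```

In the constructed sample, a client outside 198.51.100.0/24 reaches the final `deny ip any any` before any entry permits TCP 443 to the gateway address, which is the blocked-traffic condition described above.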
Select a Gateway
Select an existing gateway from this window. This window provides you with the
information you need to determine which gateway to select. It displays the names
and IP addresses of all gateways, the number of contexts each is associated with,
and whether the gateway is enabled or not.
Table 21-1 SSL VPN Context Fields (continued)

| Element | Description |
|---|---|
| Default Group Policy | Select the policy that you want to use as the default group policy. The default group policy will be used for users who have not been included in any policy configured on the AAA server. |
| Enable RADIUS Accounting | Check Enable RADIUS Accounting to enable this feature for the context that you are editing. If this option is disabled, the AAA authentication list chosen for the context does not include any configured AAA servers. You must choose a different authentication list, or configure a new one. To add the information for an AAA server to the router configuration, click Additional Tasks > AAA > AAA Servers > Add. Enter the IP address and other required information in the displayed dialog. The AAA server information you enter becomes available for use in authentication lists. |