29-15
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter29 Managing Remote Access VPNs: The Basics
Using the Remote Access VPN Configuration Wizard
Group Policies—This table lists all group policies currently used on the device, whether for SSL or
IPsec VPNs. You can click Edit to add other group policies.
Global IP Address Pool—Enter the address pools from which IP addresses are assigned. The server
uses these address pools in the order listed. If all addresses in the first pool have been assigned, it
uses the next pool, and so on. You can specify up to 6 pools.
Specify the pools as address ranges or network/host objects that contain address ranges, in the
format Start_Address-End_Address, for example, 10.100.10.2-10.100.10.254. Click Select to select
network/host objects or to create new objects.
Step 12 On the Connection Profile page, configure these options that will later appear in the SSL VPN tab of the
connection profile (see SSL Tab (Connection Profiles), page 30-18):
Portal Page Customization—The name of the SSL VPN Customization policy object that defines
the default portal page for the VPN. Click Select to select the object or to create a new object.
Note You can set up different login windows for different groups by using a combination of
customization profiles and tunnel groups. For example, assuming that you had created
a customization profile called salesgui, you can create an SSL VPN tunnel group called
sales that uses that customization profile.
Connection URL—The URL of the connection profile. This URL provides users with direct access
to the customized portal page. Select a protocol (http or https) from the list, and specify the URL
including the name of the connection profile, in the field provided.
The URL is made up of the host name or IP address of the ASA device and port number, and the
alias used to identify the SSL VPN connection profile.
Note If you do not specify a URL, you can access the portal page by entering the portal page
URL, and then selecting the connection profile alias from a list of configured connection
profile aliases configured on the device. See SSL VPN Configuration Wizard—Access
Page (ASA), page 29-15.
Step 13 On the Connection Profile page, configure the AAA options for authentication, authorization, and
accounting, and secondary authentication, which will later appear on the AAA and Secondary AAA tab
of the connection profile (see AAA Tab (Connection Profiles), page30-11 and Secondary AAA Tab
(Connection Profiles), page 30-14).
Step 14 Click Finish to save your changes.
SSL VPN Configuration Wizard—Access Page (ASA)
Use the Access page of the SSL VPN Configuration Wizard to configure the security appliance
interfaces for SSL VPN sessions. After you complete the wizard, you can later edit these settings in the
SSL VPN Access policy; see SSL VPN Access Policy Page, page 30-37.
Navigation Path
(Device view) Open the Remote Access VPN Configuration Wizard for configuring a remote access SSL
VPN on an ASA device (see Using the Remote Access VPN Configuration Wizard, page 29-13). The
Access page is the first page that appears.