29-16
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 29 Managing Remote Access VPNs: The Basics
Using the Remote Access VPN Configuration Wizard
Related Topics
Creating SSL VPNs Using the Remote Access VPN Configuration Wizard (ASA Devices),
page 29-14
Understanding Interface Role Objects, page 6-67
Field Reference
SSL VPN Configuration Wizard—Connection Profile Page (ASA)
Use the Connection Profile page in the SSL VPN Configuration wizard to configure the tunnel group
policies on your security appliance. You can specify a name for the tunnel connection profile policy that
you are adding, select the user group policy, specify address pools for this policy, and specify
authentication server group settings.
Navigation Path
(Device view) Open the Remote Access VPN Configuration Wizard for configuring a remote access SSL
VPN on an ASA device (see Using the Remote Access VPN Configuration Wizard, page29-13); then
click Next until you reach this page.
Table29-2 SSL VPN Wizard—Access Page (ASA)
Element Description
Interfaces to Enable SSL
VPN Service
The interfaces or interface roles that identify the interfaces on which
you want to enable SSL VPN connections. Click Select to select
interfaces or interface roles, or to create new interface roles.
Port Number The port number to use for the SSL VPN sessions. Enter a port number
or port list object name, or click Select to select an object that defines
the port, or to create a new object.
The default port is 443, for HTTPS traffic. The port number can be 443,
or within the range of 1024-65535. If you change the port number, all
current SSL VPN connections terminate, and current users must
reconnect.
Note If HTTP port redirection is enabled, the default HTTP port
number is 80.
Portal Page URLs The URLs that users would use to connect to the VPN. The URLs are
displayed after you specify the interfaces and port number.
Allow Users to Select
Connection Profile in Portal
Page
Whether to present a list of configured connection profiles (tunnel
groups) from which the user can select the appropriate profile when the
user logs in (for example, in the SSL VPN portal page). If you do not
select this option, the user cannot select a profile and must use the
default profile for the connection.
Enable AnyConnect Access Whether to allow the user to use the AnyConnect VPN client to make
an SSL or IKEv2 IPSec VPN connection. The option is selected by
default. For details about AnyConnect VPN clients, see Understanding
SSL VPN AnyConnect Client Settings, page 30-52.
Note To enable AnyConnect Essentials, go to Remote Access VPN >
SSL VPN > Access. For details, see Configuring an Access
Policy, page 30-40.