30-8
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 30 Managing Remote Access VPNs on ASA and PIX 7.0+ Devices
Configuring Connection Profiles (ASA, PIX 7.0+)
Step 8 Click OK.
Connection Profiles Page
Use the Connection Profiles page to manage connection profile policies for remote access VPN or Easy
VPN topologies. Use of this policy differs depending on the type of VPN you are configuring:
Remote access SSL VPN—The policy is used only for ASA devices. You can create multiple
profiles, and configure settings on all tabs of the Connection Profiles dialog box.
Remote access IPSec VPN—The policy is used for ASA devices and PIX Firewalls running PIX
7.0+ software. You can create multiple profiles, but only the General, AAA, and IPSec tabs on the
Connection Profiles dialog box apply to this configuration (in some cases, you will see only these
tabs).
Easy VPN topologies—The policy is used for Easy VPN servers (hubs) that are ASA devices or PIX
Firewalls running PIX 7.0+ software. You can create a single profile, so the policy page actually
imbeds the Connection Profiles dialog box, so that you have direct access to the tabs that define the
profile. Only the General, AAA, and IPSec tabs apply.
For remote access IPSec and SSL VPNs:
To add a profile, click the Add Row button and fill in the Connection Profiles dialog box.
To edit an existing profile, select it and click the Edit Row button.
To delete a profile, select it and click the Delete Row button.
The connection profile consists of the following tabs. Configure them as appropriate for the type of VPN
you are configuring.
General Tab (Connection Profiles), page30-9
AAA Tab (Connection Profiles), page 30-11
Secondary AAA Tab (Connection Profiles), page30-14 (SSL VPN and IKEv2 IPsec VPN only.)
IPSec Tab (Connection Profiles), page30-16 (IKEv1 IPsec VPN only, does not apply to SSL or
IKEv2 IPsec VPNs.)
SSL Tab (Connection Profiles), page30-18 (SSL VPN only)
Navigation Path
Remote access VPNs:
(Device View) Select a ASA or PIX 7+ device and select Remote Access VPN > Connection
Profiles from the Policy selector.
(Policy View) Select Remote Access VPN > Connection Profiles (ASA) from the Policy Type
selector. Select an existing policy or create a new one.
Easy VPN:
From the Site-to-Site VPN Manager Window, page24-18, select the Easy VPN topology and then
select Connection Profiles (PIX7.0/ASA).
(Device view) Select a device that participates in the Easy VPN topology and select Site to Site VPN
from the Policy selector. Select the Easy VPN topology and click Edit VPN Policies to open the
Site-to-Site VPN Manager Window, page 24-18, where you can select the policy.