31-28
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 31 Managing Dynamic Access Policies for Remote Access VPNs (ASA 8.0+ Devices)
Dynamic Access Page (ASA)
Navigation Path
Open the Add/Edit Dynamic Access Policy Dialog Box, page 31-12 with the Main tab selected, then
click Create, or select a dynamic access policy in the table and click Edit. The Add/Edit DAP Entry
dialog box is displayed. Select Application as the Criterion.
Related Topics
Understanding DAP Attributes, page 31-3
Configuring DAP Attributes, page31-7
Configuring Dynamic Access Policies, page 31-2
Field Reference
Add/Edit DAP Entry Dialog Box > Device
The DAP Device Criterion lets you provide specific device information for use during the associated
prelogin policy checking. You can provide one or more of the following attributes for a device—host
name, MAC address, port number, Privacy Protection selection—and indicate whether each is or isn’t to
be matched.
Note that isn’t is exclusionary. For example, if you specify the criterion Host Name isn’t zulu_2, all
devices not named zulu_2 will match.
Navigation Path
Open the Add/Edit Dynamic Access Policy Dialog Box, page 31-12 with the Main tab selected, then
click Create, or select a dynamic access policy in the table and click Edit. The Add/Edit DAP Entry
dialog box is displayed. Choose Device as the Criterion.
Related Topics
Understanding DAP Attributes, page 31-3
Configuring DAP Attributes, page31-7
Configuring Dynamic Access Policies, page 31-2
Table31-12 Add/Edit DAP Entry Dialog Box > Application
Element Description
Criterion Shows Application as the selection criterion.
Client Type Select the check box, then select the matching criteria (for example, is
or isn’t) from the drop-down list, and specify the type of remote access
connection from the list: AnyConnect, Clientless, Cut-through Proxy,
IPsec, or L2TP.
Note If you select AnyConnect as the client type, make sure to enable
Cisco Secure Desktop. If it is not enabled, Security Manager
generates an error.