33-20
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 33 Configuring Policy Objects for Remote Access VPNs
ASA Group Policies Dialog Box
Field Reference
ASA Group Policies DNS/WINS Settings
Use the DNS/WINS settings to define the DNS and WINS servers and the domain name that should be
pushed to clients associated with the ASA group policy. These settings apply to Easy VPN and remote
access IPSec and SSL VPN configurations.
Navigation Path
Select DNS/WINS from the table of contents in the ASA Group Policies Dialog Box, page 33-1.
Field Reference
Table33-11 Add or Edit Auto Signon Rules Dialog Box
Element Description
Allow IP Select this option to configure an IP address or subnet for the rule. Any
server within this subnet is supplied the specified login credentials.
To enter the IP address of a single server, enter the full IP address
and use 255.255.255.255 as the subnet mask.
To specify a subnet, enter the network address and subnet mask, for
example, IP address 10.100.10.0 mask 255.255.255.0.
If you want the appliance to send credentials to any internal server
the user tries to access, create rules for all of your internal
networks. You might be able to do this with a single rule.
Allow URI Select this option to configure a Universal Resource Identifier (URI)
for the rule. This identifies the internal server based on URI rather than
IP address. For example, https://*.example.com/* creates a rule for all
web pages on any server in the example.com domain. Use the asterisk
as a wildcard to apply to zero or more characters.
Authentication Type The type of credentials that the security appliance will pass on to the
servers covered by this rule: Basic HTML, NTLM (NT LAN Manager)
authentication, FTP, or all of these methods.
The default option is All. Use the default unless you want to limit logins
to a certain type.
Table33-12 ASA Group Policies DNS/WINS Settings
Element Description
Primary DNS Server The IP address of the primary DNS server for the group. Enter the IP
address or the name of a network/host object, or click Select to select
an object from a list or to create a new object.
Secondary DNS Server The IP address of the secondary DNS server for the group. Enter the IP
address or the name of a network/host object, or click Select to select
an object from a list or to create a new object.
Primary WINS Server The IP address of the primary WINS server for the group. Enter the IP
address or the name of a network/host object, or click Select to select
an object from a list or to create a new object.