VPN
Configuring SSL VPN
Cisco ISA500 Series Integrated Security Appliances Administration Guide 378
8
Client Domain: Enter the domain name that should be pushed to SSL VPN
clients.
Login Banner: After the users logged in, a configurable login banner is
displayed. Enter the message text to display along with the banner.
STEP 4 In the Optional Gateway area, enter the following information:
Idle Timeout: Enter the timeout value in seconds that the SSL VPN session
can remain idle. The default value is 2100 seconds.
Session Timeout: Enter the timeout value in seconds that a SSL VPN
session can remain active. The default value is 0 seconds, which indicates
that the SSL VPN session can always be active.
Client DPD Timeout: Dead Peer Detection (DPD) allows detection of dead
peers. Enter the DPD timeout that a session will be maintained with a
nonresponsive remote client. The default value is 300 seconds.
Gateway DPD Timeout: Enter the DPD timeout that a session will be
maintained with a nonresponsive SSL VPN gateway. The default value is 300
seconds.
NOTE: If the SSL VPN gateway has no response over two or three times of
the DPD timeout, the SSL VPN session will be terminated.
Keep Alive : Enter the interval, in seconds, at which the SSL VPN client will
send keepalive messages. These messages ensure that the SSL VPN
connection remains open, even if the client’s maximum idle time is limited by
an intermediate device, such as a proxy, firewall or NAT device.
Lease Duration: Enter the amount of time after which the SSL VPN client
must send an IP address lease renewal request to the server. The default
value is 43200 seconds.
Max MTU: Enter the maximum transmission unit for the session. The default
value is 1406 bytes.
Rekey Method: Specify the session rekey method (SSL or New Tunnel).
Rekey allows the SSL keys to be renegotiated after the session has been
established.
Rekey Interval: Enter the frequency of the rekey in this field. The default
value is 3600 seconds.
STEP 5 Click Save to apply your settings.