VPN
Configuring SSL VPN
Cisco ISA500 Series Integrated Security Appliances Administration Guide 382
8
The SSL VPN portal provides a message to remind users to install the Cisco
AnyConnect Secure Mobility Client software to connect to the SSL VPN server.
You can find the software installers from the CD that is packed with the device or
download the software installers from Cisco.com. See Installing Cisco
AnyConnect Secure Mobility Client, page 375.
You can access the SSL VPN portal via a web browser from the WAN side by
using the HTTPS protocol. You must first enable the SSL VPN feature on the
security appliance and then enter the entire address pair “Gateway IP
address:Gateway port number” in the address bar to access the SSL VPN portal.
Allowing SSL VPN Clients to Access the InternetEnabling Client Internet Access will automatically create advanced NAT rules to
allow SSL VPN clients to access the Internet over SSL VPN tunnels. This section
provides an example of manually configuring advanced NAT rules to allow SSL
VPN clients to access the Internet over SSL VPN tunnels.
STEP 1 Assuming that you enable the SSL VPN feature and configure the gateway
settings as follows.
STEP 2 If only a single WAN interface is configured, go to the Firewall > NAT > Advanced
NAT page to create an advanced NAT rule as follows.
Field Setting
Gateway Interface WA N1
Gateway Port 443
Certificate File default
Client Address Pool 192.168.200.0
Client Netmask 255.255.255.0
Field Setting
Name SSLVPN_to_WAN1