Configuration Wizards
Using the Remote Access VPN Wizard
Cisco ISA500 Series Integrated Security Appliances Administration Guide 62
2
Client Domain: Enter the domain name that should be pushed to the SSL
VPN clients.
Login Banner: After the SSL VPN user logged in, a configurable login banner
is displayed. Enter the message text to display along with the banner.
STEP 6 In the Gateway (Advanced) area, enter the following information:
Idle Timeout: Enter the timeout value in seconds that the SSL VPN session
can remain idle. The default value is 2100 seconds.
Session Timeout: Enter the timeout value in seconds that a SSL VPN
session can remain active. The default value is 0 seconds, which indicates
that the SSL VPN session can always be active.
Client DPD Timeout: Dead Peer Detection (DPD) allows detection of dead
peers. Enter the DPD timeout that a session will be maintained with a
nonresponsive remote client. The default value is 300 seconds.
Gateway DPD Timeout: Enter the DPD timeout that a session will be
maintained with a nonresponsive SSL VPN gateway. The default value is 300
seconds.
NOTE: If the SSL VPN gateway has no response over two or three times of
the DPD timeout, the SSL VPN session will be terminated.
Keep Alive : Enter the interval, in seconds, at which the SSL VPN client will
send keepalive messages. These messages ensure that the SSL VPN
connection remains open, even if the client’s maximum idle time is limited by
an intermediate device, such as a proxy, firewall or NAT device.
Lease Duration: Enter the amount of time after which the SSL VPN client
must send an IP address lease renewal request to the server. The default
value is 43200 seconds.
Max MTU: Enter the maximum transmission unit for the session. The default
value is 1406 bytes.
Rekey Interval: Enter the frequency of the rekey in this field. The default
value is 3600 seconds.
STEP 7 After you are finished, click Next.
Configuring SSL VPN Group Policy
STEP 8 Use the Group Policy page to configure the SSL VPN group policies.