Chapter 4 Remote Access VPN Services

Creating Remote Access VPN Policies

Figure 4-18 The Remote Access VPN Policy – PIX Firewall Editor Page

Step 2 Use the instructions in Table 4-7 to enter values for the PIX Firewall-specific parameters.

 

Table 4-7 PIX Firewall Editor Fields

| Field Name | Type | Instructions |
|---|---|---|
| Idle Timeout | text box | Enter the inactivity timeout for the VPN client. The default is 1800 seconds. |
| Max Connect Time (in seconds) | text box | Enter maximum connection time between the VPN client and server. The default is 1800 seconds. |
| Sysopt Connection Permit IPsec | checkbox | Check to implicitly permit IPsec traffic. The default setting is checked. This option issues a PIX Firewall sysopt permit-ipsec-connection command to permit IPsec traffic to pass through PIX Firewalls without checking the traffic against conduit or access-list command statements in the firewall configuration. |

Step 3 Click Next to continue to the Remote Access VPN Policy – VPN 3000 Editor page as described in the “Defining VPN 3000-Specific Parameters” section on page 4-18.
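
The following is an added example, not part of the Cisco guide: a Python check that reads a saved PIX configuration and reports whether the Sysopt Connection Permit IPsec option from Table 4-7 is in effect and whether any VPN group timer exceeds the 1800-second default. It assumes the option appears in the configuration as `sysopt connection permit-ipsec` and the timers as `vpngroup <name> idle-time|max-time <seconds>`; the function name and both sample configurations are constructed for illustration.

```python
import re

# Constructed sample configuration fragments (not taken from the guide).
SAMPLE_BYPASS = """\
access-list outside_in permit tcp any host 192.0.2.10 eq 443
sysopt connection permit-ipsec
vpngroup remote-users idle-time 1800
vpngroup remote-users max-time 86400
"""
SAMPLE_FILTERED = """\
access-list outside_in permit tcp any host 192.0.2.10 eq 443
no sysopt connection permit-ipsec
vpngroup remote-users idle-time 600
"""

DEFAULT_SECONDS = 1800  # default the guide gives for both timeout fields


def audit_pix_config(text, max_seconds=DEFAULT_SECONDS):
    """Return (ipsec_bypasses_acls, findings) for a PIX configuration dump."""
    bypass = False
    timers = {}
    for raw in text.splitlines():
        line = raw.strip()
        # Assumed command syntax; the last matching line wins, and an
        # explicit "no" form is honoured if it is present in the dump.
        if line == "sysopt connection permit-ipsec":
            bypass = True
        elif line == "no sysopt connection permit-ipsec":
            bypass = False
        m = re.fullmatch(r"vpngroup (\S+) (idle-time|max-time) (\d+)", line)
        if m:
            timers[(m.group(1), m.group(2))] = int(m.group(3))
    findings = []
    if bypass:
        findings.append(
            "IPsec traffic is not checked against conduit/access-list statements")
    for (group, timer), seconds in sorted(timers.items()):
        if seconds > max_seconds:
            findings.append(f"{group}: {timer} {seconds}s exceeds {max_seconds}s")
    return bypass, findings


if __name__ == "__main__":
    for name, cfg in (("bypass", SAMPLE_BYPASS), ("filtered", SAMPLE_FILTERED)):
        print(name, audit_pix_config(cfg))
```

When the check reports the bypass, access-list entries on the firewall do not restrict what VPN clients can reach, so any restriction on tunneled traffic has to be enforced elsewhere or the option unchecked.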

 

 

 

 

 

Defining VPN 3000-Specific Parameters

Perform the following steps if you are provisioning remote access on VPN 3000 devices in your network:

Step 1 The Remote Access VPN Policy – VPN 3000 Editor page appears as shown in Figure 4-19.

Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2

4-18

OL-5532-02

 

 
