Learning Center
Plans & pricing Sign in
Sign Out



									          ASA 5505
          SSL VPN

           Joe Cicero
Northeast Wisconsin Technical College
About SSL VPN Client Connections
 With an SSL VPN client setup, remote
 users do not need to install a software
 client before attempting to establish a
 With correct credentials any user with a
 browser can connect to internal resources
 on the network
Starting the “SSL VPN Wizard”
Setting Your Connection Type
The ASA 5505 provides two types of SSL
VPN Access.
– Clientless SSL VPN Access, no additional
  software is downloaded and installed to obtain
  access to SUPPORTED internal resources.
– Cisco SSL VPN Client (Anyconnect VPN
  Client), The ASA pushes a self-installing client
  to the remote PC that allows FULL, secure
  access to internal resource.
Setting Your Connection Type
Interface, Certificate, and Group
Connection Name
– Provide a connection name for this group of connection-oriented
SSL VPN Interface
– Specify the interface to allow SSL VPN connections.
Digital Certificate
– Specify a certificate, if any, that the security appliance sends to
  the remote PC.
Connection Group Settings
– You can enable the security appliance to display a group alias
  for this connection on the login page.
– Display Group Alias list at the login page—Enable to display the
  group alias.
Setting the VPN Interface
Configuring User Authentication
 Authenticate using a AAA server group—Enable to let
 the security appliance contact a remote AAA server
 group to authenticate the user.
 AAA Server Group Name—Select a AAA server group
 from the list of pre-configured groups, or click New to
 create a new group.
 Authenticate using the local user database—Add new
 users to the local database stored on the security
 –   Username—Create a username for the user.
 –   Password—Create a password for the user.
 –   Confirm Password—Re-type the same password to confirm.
 –   Add/Delete—Add or delete the user from the local database.
Configuring User Authentication
    Defining a Group Policy
Group policies configure common
attributes for groups of users. Create a
new group policy or select an existing one
to modify.
Create new group policy
– Enable to create a new group policy. Provide
  a name for the new policy.
Modify existing group policy
– Select an existing group policy to modify.
Defining a Group Policy
  Creating a Bookmark List
Bookmark lists appear on the portal page
for Clientless, browser-based connections.
SSL VPN client users can see these
bookmarks to enable easy access to
Bookmark List
– Select an existing list or click Manage to
  create a new list, or import or export
  bookmark lists.
Creating a Bookmark List
Confirming No Bookmark
Summary Screen
        Client Connection
To connect to the SSL VPN you simply
use a browser to connect to the external
interface of your ASA 5505 via https!
The following pages will show you what
the SSL VPN looks like from a Mozilla
Client Connection
You will need to accept certificates
Questions / Comments

To top