Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out

ASA_SSL_VPN

VIEWS: 10 PAGES: 26

									          ASA 5505
          SSL VPN

           Joe Cicero
Northeast Wisconsin Technical College
About SSL VPN Client Connections
 With an SSL VPN client setup, remote
 users do not need to install a software
 client before attempting to establish a
 connection.
 With correct credentials any user with a
 browser can connect to internal resources
 on the network
Starting the “SSL VPN Wizard”
Setting Your Connection Type
The ASA 5505 provides two types of SSL
VPN Access.
– Clientless SSL VPN Access, no additional
  software is downloaded and installed to obtain
  access to SUPPORTED internal resources.
– Cisco SSL VPN Client (Anyconnect VPN
  Client), The ASA pushes a self-installing client
  to the remote PC that allows FULL, secure
  access to internal resource.
Setting Your Connection Type
Interface, Certificate, and Group
            Settings
Connection Name
– Provide a connection name for this group of connection-oriented
  attributes.
SSL VPN Interface
– Specify the interface to allow SSL VPN connections.
Digital Certificate
– Specify a certificate, if any, that the security appliance sends to
  the remote PC.
Connection Group Settings
– You can enable the security appliance to display a group alias
  for this connection on the login page.
– Display Group Alias list at the login page—Enable to display the
  group alias.
Setting the VPN Interface
Configuring User Authentication
 Authenticate using a AAA server group—Enable to let
 the security appliance contact a remote AAA server
 group to authenticate the user.
 AAA Server Group Name—Select a AAA server group
 from the list of pre-configured groups, or click New to
 create a new group.
 Authenticate using the local user database—Add new
 users to the local database stored on the security
 appliance.
 –   Username—Create a username for the user.
 –   Password—Create a password for the user.
 –   Confirm Password—Re-type the same password to confirm.
 –   Add/Delete—Add or delete the user from the local database.
Configuring User Authentication
    Defining a Group Policy
Group policies configure common
attributes for groups of users. Create a
new group policy or select an existing one
to modify.
Create new group policy
– Enable to create a new group policy. Provide
  a name for the new policy.
Modify existing group policy
– Select an existing group policy to modify.
Defining a Group Policy
  Creating a Bookmark List
Bookmark lists appear on the portal page
for Clientless, browser-based connections.
SSL VPN client users can see these
bookmarks to enable easy access to
resources.
Bookmark List
– Select an existing list or click Manage to
  create a new list, or import or export
  bookmark lists.
Creating a Bookmark List
Confirming No Bookmark
Summary Screen
        Client Connection
To connect to the SSL VPN you simply
use a browser to connect to the external
interface of your ASA 5505 via https!
The following pages will show you what
the SSL VPN looks like from a Mozilla
client.
Client Connection
You will need to accept certificates
Questions / Comments

								
To top