EasyManuals Logo
Home>Cisco>Firewall>5510 - ASA SSL / IPsec VPN Edition

Cisco 5510 - ASA SSL / IPsec VPN Edition User Manual

Cisco 5510 - ASA SSL / IPsec VPN Edition
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1948 background imageLoading...
Page #1948 background image
1-20
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring AnyConnect VPN Client Connections
Configuring AnyConnect Connections
Translation Tables' Templates:
AnyConnect
PortForwarder
csd
customization
keepout
url-list
webvpn
Citrix-plugin
RPC-plugin
Telnet-SSH-plugin
VNC-plugin
Translation Tables:
es-us AnyConnect
Configuring Advanced AnyConnect SSL Features
The following section describes advanced features that fine-tune AnyConnect SSL VPN connections,
and includes the following sections:
• Enabling Rekey, page 1-20
• Enabling and Adjusting Dead Peer Detection, page 1-21
• Enabling Keepalive, page 1-21
• Using Compression, page 1-22
• Adjusting MTU Size, page 1-23
• Updating AnyConnect Client Images, page 1-23
Enabling Rekey
When the ASA and the AnyConnect client client perform a rekey on an SSL VPN connection, they
renegotiate the crypto keys and initialization vectors, increasing the security of the connection.
To enable the client to perform a rekey on an SSL VPN connection for a specific group or user, use the
anyconnect ssl rekey command from group-policy or username webvpn modes.
[no]anyconnect ssl rekey {method {new-tunnel | none | ssl} | time minutes}
method new-tunnel specifies that the client establishes a new tunnel during rekey.
method ssl specifies that the client estanyablishes a new tunnel during rekey.
method none disables rekey.
Note Configuring the rekey method as ssl or new-tunnel specifies that the client establishes a new
tunnel during rekey instead of the SSL renegotiation taking place during the rekey. See the Cisco
ASA 5500 Series Command Reference, 8.4 for a history of the anyconnect ssl rekey command.
time minutes specifies the number of minutes from the start of the session, or from the last rekey, until
the rekey takes place, from 1 to 10080 (1 week).
In the following example, the client is configured to renegotiate with SSL during rekey, which takes
place 30 minutes after the session begins, for the existing group-policy sales:
hostname(config)# group-policy sales attributes

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals