Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Connection Profiles, Group Policies, and Users
Configuring Connection Profiles
This section describes the contents and configuration of connection profiles in both single-context mode
and multiple-context mode:
Note Multiple-context mode applies only to IKEv2 and IKEv1 site-to-site and does not apply to AnyConnect,
Clientless SSL VPN, the legacy Cisco VPN client, the Apple native VPN client, the Microsoft native VPN
client, or cTCP for IKEv1 IPsec.
• Maximum Connection Profiles, page 70-6
• Default IPsec Remote Access Connection Profile Configuration, page 70-7
• Specifying a Name and Type for the Remote Access Connection Profile, page 70-8
• Configuring Remote-Access Connection Profiles, page 70-8
• Configuring LAN-to-LAN Connection Profiles, page 70-17
• Configuring Connection Profiles for Clientless SSL VPN Sessions, page 70-20
• Customizing Login Windows for Users of Clientless SSL VPN Sessions, page 70-27
• Configuring the Connection Profile for RADIUS/SDI Message Support for the AnyConnect Client, page 70-34
You can modify the default connection profiles, and you can configure a new connection profile as any
of the three tunnel-group types. If you do not explicitly configure an attribute in a connection profile,
that attribute gets its value from the default connection profile. The default connection-profile type is
remote access. The subsequent parameters depend upon your choice of tunnel type. To see the current
configured and default configuration of all your connection profiles, including the default connection
profile, enter the show running-config all tunnel-group command.
Maximum Connection Profiles
The maximum number of connection profiles (tunnel groups) that an ASA can support is a function of
the maximum number of concurrent VPN sessions for the platform + 5. For example, an ASA 5505 can
support a maximum of 25 concurrent VPN sessions, allowing for 30 tunnel groups (25+5). Attempting
to add an additional tunnel group beyond the limit results in the following message: “ERROR: The limit
of 30 configured tunnel groups has been reached.”
Table 70-2 specifies the maximum VPN sessions and connection profiles for each ASA platform.
Table 1-1 Connection Profile Attributes for SSL VPN (continued)
Command                 Function
override-svc-download   Overrides downloading the group-policy or username attributes
                        configured for downloading the AnyConnect VPN client to the remote
                        user.
radius-reject-message   Enables the display of the RADIUS reject message on the login screen
                        when authentication is rejected.