Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Connection Profiles, Group Policies, and Users
Configuring Connection Profiles
Configuring Remote-Access Connection Profiles
Use a remote-access connection profile when setting up a connection between the following remote
clients and a central-site ASA:
– Legacy Cisco VPN Client (connecting with IPsec/IKEv1)
– AnyConnect Secure Mobility Client (connecting with SSL or IPsec/IKEv2)
– Clientless SSL VPN (browser-based connecting with SSL)
– Cisco ASA 5500 Easy VPN hardware client (connecting with IPsec/IKEv1)
– Cisco VPN 3002 hardware client (connecting with IPsec/IKEv1)
We also provide a default group policy named DfltGrpPolicy.
To configure a remote-access connection profile, first configure the tunnel-group general attributes,
then the remote-access attributes. See the following sections:
• Specifying a Name and Type for the Remote Access Connection Profile, page 70-8.
• Configuring Remote-Access Connection Profile General Attributes, page 70-8.
• Configuring Double Authentication, page 70-12
• Configuring Remote-Access Connection Profile IPsec IKEv1 Attributes, page 70-14.
• Configuring IPsec Remote-Access Connection Profile PPP Attributes, page 70-16
Specifying a Name and Type for the Remote Access Connection Profile
Create the connection profile, specifying its name and type, by entering the tunnel-group command. For
a remote-access tunnel, the type is remote-access:
hostname(config)# tunnel-group tunnel_group_name type remote-access
hostname(config)#
For example, to create a remote-access connection profile named TunnelGroup1, enter the following
command:
hostname(config)# tunnel-group TunnelGroup1 type remote-access
hostname(config)#
Configuring Remote-Access Connection Profile General Attributes
To configure or change the connection profile general attributes, specify the parameters in the following
steps:
Step 1 To configure the general attributes, enter the tunnel-group general-attributes command in either
single or multiple context mode. This enters tunnel-group general-attributes configuration mode, and the
prompt changes to indicate the change in mode.
hostname(config)# tunnel-group tunnel_group_name general-attributes
hostname(config-tunnel-general)#
Step 2 Specify the name of the authentication-server group, if any, to use. To fall back to the LOCAL
database for authentication when the specified server group fails, append the keyword LOCAL:
hostname(config-tunnel-general)# authentication-server-group [(interface_name)] groupname [LOCAL]
hostname(config-tunnel-general)#
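To review the result of Steps 1 and 2 across many profiles, the following added example (not part of the Cisco guide) parses configuration text and reports, for each remote-access connection profile, the authentication server group, the optional interface, and whether the LOCAL keyword is present. The sample configuration, the group name RADIUS_GRP, and the function names are constructed for illustration, and the running-config layout (sub-mode lines indented under the general-attributes line) is an assumption.

```python
import re

# Constructed sample in running-config layout (not taken from a real device).
SAMPLE_CONFIG = """\
tunnel-group TunnelGroup1 type remote-access
tunnel-group TunnelGroup1 general-attributes
 authentication-server-group (inside) RADIUS_GRP LOCAL
tunnel-group TunnelGroup2 type remote-access
tunnel-group TunnelGroup2 general-attributes
 authentication-server-group RADIUS_GRP
tunnel-group TunnelGroup3 type remote-access
tunnel-group 192.0.2.10 type ipsec-l2l
tunnel-group 192.0.2.10 general-attributes
 authentication-server-group RADIUS_GRP LOCAL
"""

TYPE_RE = re.compile(r"^tunnel-group (\S+) type (\S+)\s*$")
GENERAL_RE = re.compile(r"^tunnel-group (\S+) general-attributes\s*$")
# Syntax from Step 2: authentication-server-group [(interface_name)] groupname [LOCAL]
AUTH_RE = re.compile(r"^\s+authentication-server-group"
                     r"(?: \((?P<ifc>[^)]+)\))? (?P<group>\S+)(?P<local> LOCAL)?\s*$")


def audit_remote_access_profiles(config_text):
    """Map each remote-access connection profile to its authentication settings."""
    profiles, current = {}, None
    for line in config_text.splitlines():
        if m := TYPE_RE.match(line):
            current = None
            if m.group(2) == "remote-access":
                profiles[m.group(1)] = {"interface": None, "server_group": None,
                                        "local_fallback": False}
        elif m := GENERAL_RE.match(line):
            # Only track sub-mode lines for profiles declared as remote-access.
            current = m.group(1) if m.group(1) in profiles else None
        elif not line.startswith(" "):
            current = None  # any other top-level command ends the sub-mode
        elif current and (m := AUTH_RE.match(line)):
            profiles[current].update(interface=m.group("ifc"),
                                     server_group=m.group("group"),
                                     local_fallback=m.group("local") is not None)
    return profiles


def profiles_without_local_fallback(config_text):
    """Names of remote-access profiles with a server group but no LOCAL keyword."""
    return sorted(name for name, p in audit_remote_access_profiles(config_text).items()
                  if p["server_group"] not in (None, "LOCAL") and not p["local_fallback"])
```

A profile whose server_group is None has no explicit authentication-server-group line in the text that was parsed; the site-to-site tunnel group in the sample is skipped because its type is not remote-access.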