EasyManuals Logo
Home>Cisco>Firewall>FirePOWER ASA 5500 series

Cisco FirePOWER ASA 5500 series User Manual

Cisco FirePOWER ASA 5500 series
989 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #693 background imageLoading...
Page #693 background image
37-3
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 37 Configuring WebVPN
Getting Started with WebVPN
• NAT, reducing the need for globally unique IP addresses.
• PAT, permitting multiple outbound sessions appear to originate from a single IP address.
• QoS, rate limiting using the police command and priority-queue command.
• Connection limits, checking either via the static or the Modular Policy Framework set connection
command.
• The established command, allowing return connections from a lower security host to a higher
security host if there is already an established connection from the higher level host to the lower
level host.
Using SSL to Access the Central Site
WebVPN uses SSL and its successor, TLS1 to provide a secure connection between remote users and
specific, supported internal resources at a central site. This section includes the following topics:
• Using HTTPS for WebVPN Sessions
• Configuring WebVPN and ASDM on the Same Interface
• Setting WebVPN HTTP/HTTPS Proxy
• Configuring SSL/TLS Encryption Protocols
Using HTTPS for WebVPN Sessions
Establishing WebVPN sessions requires the following:
• Using HTTPS to access the security appliance or load balancing cluster. In a web browser, users
enter the security appliance IP address in the format https:// address where address is the IP address
or DNS hostname of the security appliance interface.
• Enabling WebVPN sessions on the security appliance interface that users connect to.
To permit WebVPN sessions on an interface, perform the following steps:
Step 1 In global configuration mode, enter the webvpn command to enter webvpn mode.
Step 2 Enter the enable command with the name of the interface that you want to use for WebVPN sessions.
For example, to enable WebVPN sessions on the interface called outside, enter the following:
hostname(config)# webvpn
hostname(config-webvpn)# enable outside
Configuring WebVPN and ASDM on the Same Interface
The security appliance can support both WebVPN and an ASDM administrative session simultaneously
on the same interface. To do so, you must assign different port numbers to these functions. An alternative
is to configure WebVPN and access to ASDM on different interfaces.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco FirePOWER ASA 5500 series and is the answer not in the manual?

Cisco FirePOWER ASA 5500 series Specifications

General IconGeneral
BrandCisco
ModelFirePOWER ASA 5500 series
CategoryFirewall
LanguageEnglish

Related product manuals