Cisco AnyConnect VPN Client Administrator Guide
OL-12950-012
Chapter 5
Configuring AnyConnect Features Using ASDM
The AnyConnect client includes the following features, which you configure on the security appliance:
• Enabling Datagram Transport Layer Security (DTLS) with AnyConnect (SSL) Connections
• Prompting Remote Users
• Enabling IPv6 VPN Access
• Enabling Modules for Additional AnyConnect Features
• Configuring Certificate-only Authentication
• Using Compression
• Configuring DTLS
• Enabling AnyConnect Keepalives
• Configuring the Dynamic Access Policies Feature of the Security Appliance
• Cisco Secure Desktop Support
• Enabling AnyConnect Rekey
• Enabling and Adjusting Dead Peer Detection
Enabling Datagram Transport Layer Security (DTLS) with AnyConnect (SSL) Connections
Datagram Transport Layer Security avoids latency and bandwidth problems associated with some
SSL-only connections, including AnyConnect connections, and improves the performance of real-time
applications that are sensitive to packet delays. DTLS is a standards-based SSL protocol that provides a
low-latency data path using UDP. For detailed information about DTLS, see RFC 4347
(http://www.ietf.org/rfc/rfc4347.txt).
Datagram Transport Layer Security (DTLS) allows the AnyConnect client establishing an SSL VPN
connection to use two simultaneous tunnels—an SSL tunnel and a DTLS tunnel. Using DTLS avoids
latency and bandwidth problems associated with some SSL connections and improves the performance
of real-time applications that are sensitive to packet delays.
If you do not enable DTLS, AnyConnect/SSL VPN connections connect with an SSL VPN tunnel only.
You cannot enable DTLS globally with ASDM. The following section describes how to enable DTLS
for any specific interface.