62-10
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 62 VPN
VPN Wizard
–
Certificate Signing Algorithm—Displays the algorithm for signing digital certificates, rsa-sig
for RSA.
–
Challenge/response authentication (CRACK)—Provides strong mutual authentication when the
client authenticates using a popular method such as RADIUS and the server uses public key
authentication. The security appliance supports CRACK as an IKE option in order to
authenticate the Nokia VPN Client on Nokia 92xx Communicator Series devices.
• Name—Type a name to create the record that contains tunnel connection policies for this IPsec
connection. A connection policy can specify authentication, authorization, and accounting servers,
a default group policy, and IKE attributes. A connection policy that you configure with this VPN
wizard specifies an authentication method, and uses the adaptive security appliance Default Group
Policy.
Modes
The following table shows the modes in which this feature is available:
Client Authentication
Use the Client Authentication pane to select the method by which the adaptive security appliance
authenticates remote users.
Fields
Select one of the following options:
• Authenticate using the local user database—Click to use authentication internal to the adaptive
security appliance. Use this method for environments with a small, stable number of users. The next
pane lets you create accounts on the adaptive security appliance for individual users.
• Authenticate using an AAA server group—Click to use an external server group for remote user
authentication.
• AAA Server Group Name—Choose a AAA server group configured previously.
• New ...—Click to configure a new AAA server group.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——
To Next Page
Loading...
Need help?
General
