64-24
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 64 General VPN Setup
ACL Manager
Client Firewall
Client Firewall allows you to choose a rule from AnyConnect SSL VPN or IPsec clients that have been
defined on the device. You can set the rules for either IPv4 or IPv6. To manage the ACLs, click Manage
for a list of existing IPsec client firewalls in the group policy editor.
Note: This feature requires an AnyConnect release that supports the Cisco Secure Mobility solution.
Fields
• Public Network Rule—Use the drop-down list to choose from the existing defined ACLs.
• Manage—Displays the ACL Manager dialog box, with which you can add, edit, and delete Access
Control Lists (ACLs) and Extended Access Control Lists (ACEs).
• Private Network Rule—Use the drop-down list to choose from the existing defined ACLs.
• Manage—Displays the ACL Manager dialog box, with which you can add, edit, and delete Access
Control Lists (ACLs) and Extended Access Control Lists (ACEs).
Modes
The following table shows the modes in which this feature is available:
Key Regeneration
Rekey negotiation occurs when the security appliance and the client perform a rekey: they
renegotiate the crypto keys and initialization vectors, which increases the security of the connection.
Fields
• Renegotiation Interval—Uncheck the Unlimited check box to specify the number of minutes from
the start of the session until the rekey takes place, from 1 to 10080 (1 week).
• Renegotiation Method—Check the None check box to disable rekey, check the SSL check box to
specify SSL renegotiation during a rekey, or check the New Tunnel check box to establish a new
tunnel during rekey.
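An added example, not part of the Cisco guide: a Python check that reads an ASA running-config excerpt and reports group policies whose rekey settings are disabled, missing, or outside the 1 to 10080 minute range given above. It assumes the CLI spellings `svc rekey` and `anyconnect ssl rekey` under a group policy's `webvpn` attributes; the sample config, the policy names and `audit_rekey` are constructed for illustration.

```python
import re

# Constructed sample: an excerpt of an ASA running-config (not from the guide).
SAMPLE_CONFIG = """\
group-policy Sales attributes
 webvpn
  svc rekey time 30
  svc rekey method ssl
group-policy Contractors attributes
 webvpn
  svc rekey method none
group-policy Lab attributes
 webvpn
  anyconnect ssl rekey time 20000
  anyconnect ssl rekey method new-tunnel
group-policy Legacy attributes
 vpn-tunnel-protocol svc
"""

# Assumed CLI spellings of the two ASDM fields (older "svc", newer "anyconnect ssl").
REKEY = re.compile(r"^\s+(?:svc|anyconnect ssl) rekey (time|method) (\S+)\s*$")
POLICY = re.compile(r"^group-policy (\S+) attributes\s*$")

def audit_rekey(config):
    """Return {policy: [findings]} for every group policy in the config text."""
    settings, current = {}, None
    for line in config.splitlines():
        if (m := POLICY.match(line)):
            current = m.group(1)
            settings[current] = {}
        elif not line.startswith(" "):
            current = None              # left the group-policy block
        elif current and (m := REKEY.match(line)):
            settings[current][m.group(1)] = m.group(2)
    report = {}
    for name, s in settings.items():
        findings = []
        method, minutes = s.get("method"), s.get("time")
        if method in (None, "none"):
            findings.append("rekey method none or not set here")
        elif method not in ("ssl", "new-tunnel"):
            findings.append(f"unknown method {method!r}")
        if minutes is None:
            findings.append("no interval set in this policy")
        elif not minutes.isdigit() or not 1 <= int(minutes) <= 10080:
            findings.append(f"interval {minutes!r} outside 1-10080 minutes")
        report[name] = findings
    return report
```

Calling `audit_rekey(SAMPLE_CONFIG)` returns an empty finding list for `Sales` and one or more findings for the other three policies. A policy with nothing set here may still inherit values from another policy, which this check does not resolve.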
Modes
The following table shows the modes in which this feature is available:
Firewall Mode             Security Context
Routed    Transparent     Single    Multiple
                                    Context    System
•         —               •         —          —

Firewall Mode             Security Context
Routed    Transparent     Single    Multiple
                                    Context    System
•         —               •         —          —