Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 64 General VPN Setup
Mapping Certificates to IPsec or SSL VPN Connection Profiles
Add/Edit Certificate Matching Rule Criterion
Use the Add/Edit Certificate Matching Rule Criterion dialog box to configure a certificate matching
rule criterion for the selected connection profile.
Fields
• Rule Priority—(Display only). Sequence with which the adaptive security appliance evaluates the
map when it receives a connection request. The adaptive security appliance evaluates each
connection against the map with the lowest priority number first.
• Mapped to Group—(Display only). Connection profile to which the rule is assigned.
• Field—Select the part of the certificate to be evaluated from the drop-down list.
– Subject—The person or system that uses the certificate. For a CA root certificate, the Subject and Issuer are the same.
– Alternative Subject—The subject alternative names extension allows additional identities to be bound to the subject of the certificate.
– Issuer—The CA or other entity (jurisdiction) that issued the certificate.
– Extended Key Usage—An extension of the client certificate that provides further criteria that you can choose to match.
• Component—(Applies only if Subject or Issuer is selected.) Select the distinguished name component used in the rule:
Firewall Mode                Security Context
Routed    Transparent        Single    Multiple Context    System
•         —                  •         —                   —
DN Field                       Definition
Whole Field                    The entire DN.
Country (C)                    The two-letter country abbreviation. These codes conform to ISO 3166 country abbreviations.
Common Name (CN)               The name of a person, system, or other entity. This is the lowest (most specific) level in the identification hierarchy.
DN Qualifier (DNQ)             A specific DN attribute.
E-mail Address (EA)            The e-mail address of the person, system, or entity that owns the certificate.
Generational Qualifier (GENQ)  A generational qualifier such as Jr., Sr., or III.
Given Name (GN)                The first name of the certificate owner.
Initials (I)                   The first letters of each part of the certificate owner’s name.
Locality (L)                   The city or town where the organization is located.
Name (N)                       The name of the certificate owner.
Organization (O)               The name of the company, institution, agency, association, or other entity.
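As an added illustration, not taken from the guide or from Cisco code, the following Python model shows how matching rules built from the fields above (priority, Field, Component, value) can be evaluated lowest-priority-number first to map a certificate to a connection profile. It covers only the Subject and Issuer fields with their DN components; the rule names, profile names, and certificate DNs are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Criterion:
    field: str       # "Subject" or "Issuer" (the two fields that take a Component)
    component: str   # DN component: "Whole Field", "C", "CN", "O", "L", ...
    value: str       # the value the component must equal (compared case-insensitively)


@dataclass(frozen=True)
class Rule:
    priority: int                     # lower number is evaluated first
    group: str                        # connection profile the certificate is mapped to
    criteria: Tuple[Criterion, ...]   # every criterion must match for the rule to fire


def parse_dn(dn: str) -> Dict[str, str]:
    """Split 'CN=alice,O=Example,C=US' into {'CN': 'alice', 'O': 'Example', 'C': 'US'}."""
    parts: Dict[str, str] = {}
    for rdn in dn.split(","):
        key, sep, val = rdn.strip().partition("=")
        if sep:
            parts[key.strip().upper()] = val.strip()
    return parts


def criterion_matches(cert: Dict[str, str], c: Criterion) -> bool:
    dn = cert.get(c.field.lower())   # cert carries 'subject' and 'issuer' DN strings
    if dn is None:
        return False
    if c.component == "Whole Field":
        return dn.lower() == c.value.lower()
    return parse_dn(dn).get(c.component.upper(), "").lower() == c.value.lower()


def select_group(cert: Dict[str, str], rules: List[Rule]) -> Optional[str]:
    """Evaluate rules in ascending priority; the first rule whose criteria all match wins."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if all(criterion_matches(cert, c) for c in rule.criteria):
            return rule.group
    return None   # no rule matched


# Constructed sample rules and certificates (hypothetical names).
RULES = [
    Rule(20, "ContractorProfile", (Criterion("Subject", "O", "Contractor Inc"),)),
    Rule(10, "StaffProfile", (Criterion("Issuer", "CN", "Example Corp CA"),
                              Criterion("Subject", "C", "US"))),
]
STAFF_CERT = {"subject": "CN=alice,O=Example Corp,L=Austin,C=US",
              "issuer": "CN=Example Corp CA,O=Example Corp,C=US"}
CONTRACTOR_CERT = {"subject": "CN=bob,O=Contractor Inc,C=CA",
                   "issuer": "CN=Example Corp CA,O=Example Corp,C=US"}
```

The contractor certificate shares the staff issuer but fails the country criterion, so the priority-10 rule is skipped and the priority-20 rule maps it instead.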