1-8
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 1 Introduction to the Cisco ASA 5500 Series Adaptive Security Appliance
New Features
IPv6 support for IKEv1
LAN-to-LAN VPN
connections
For LAN-to-LAN connections using mixed IPv4 and IPv6 addressing, or all IPv6 addressing,
the adaptive security appliance supports VPN tunnels if both peers are Cisco ASA 5500 series
adaptive security appliances, and if both inside networks have matching addressing schemes
(both IPv4 or both IPv6).
Specifically, the following topologies are supported when both peers are Cisco ASA 5500
series adaptive security appliances:
• The adaptive security appliances have IPv4 inside networks and the outside network is
IPv6 (IPv4 addresses on the inside interfaces and IPv6 addresses on the outside interfaces).
• The adaptive security appliances have IPv6 inside networks and the outside network is
IPv4 (IPv6 addresses on the inside interface and IPv4 addresses on the outside interfaces).
• The adaptive security appliances have IPv6 inside networks and the outside network is
IPv6 (IPv6 addresses on the inside and outside interfaces).
Note The defect CSCtd38078 currently prevents the Cisco ASA 5500 series from connecting
to a Cisco IOS device as the peer device of a LAN-to-LAN connection.
The following screens were modified or introduced:
Wizards > IPsec VPN Wizard, Configuration > Site-to-Site VPN > Connection Profiles
Configuration > Site-to-Site VPN > Connection Profiles > Basic > Add IPsec Site-to-Site
Connection Profile
Configuration > Site-to-Site VPN > Group Policies
Configuration > Site-to-Site VPN > Group Policies > Edit Internal Group Policy
Configuration > Site-to-Site VPN > Advanced > Crypto Maps
Configuration > Site-to-Site VPN > Advanced > Crypto Maps > Add > Create IPsec Rule
Configuration > Site-to-Site VPN > Advanced > ACL Manager
Plug-in for AnyConnect
Profile Editor
The AnyConnect Profile Editor is a convenient GUI-based configuration tool you can use to
configure the AnyConnect 2.5 or later client profile, an XML file containing settings that
control client features. Previously, you could only change profile settings manually by editing
the XML tags in the profile file. The AnyConnect Profile Editor is a plug-in binary file named
anyconnectprof.sgz packaged with the ASDM image and installed in the root directory of
disk0:/ in the flash memory on the adaptive security appliance. This design allows you to
update the editor to be compatible with new AnyConnect features available in new client
releases.
SSL VPN Portal
Customization Editor
You can rebrand and customize the screens presented to clientless SSL VPN users using the
new Edit Customization Object window in ASDM. You can customize the logon, portal and
logout screens, including corporate logos, text messages, and the general layout. Previously,
the customization feature was embedded in the adaptive security appliance software image.
Moving it to ASDM provides greater usability for this feature and future enhancements.
The following screen was modified: Configuration > Remote Access VPN > Clientless SSL
VPN Access > Portal > Customization.
Table 1-4 New Features for ASDM Version 6.3(1)/ASA Version 8.3(1) (Unless Otherwise Noted) (continued)
Feature Description
To Next Page
Loading...
Need help?
General
