64-30
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 64 General VPN Setup
ACL Manager
The IPsec VPN client supports full HTML for the banner. However, the clientless portal and the
AnyConnect client support partial HTML. To ensure the banner displays properly to remote users,
follow these guidelines:
–
For IPsec client users, use the /n tag.
–
For AnyConnect client users, use the <BR> tag.
–
For clientless users, use the <BR> tag.
• Edit Banner—Displays the View/Config Banner dialog box, in which you can enter banner text, up
to 500 characters.
• Default Domain—Specifies whether to inherit the default domain from the default group policy or
use a new default domain specified in the field.
• Split Tunnel DNS Names (space delimited)—Specifies whether to inherit the split-tunnel DNS
names or from the default group policy or specify a new name or list of names in the field.
• Split Tunnel Policy—Specifies whether to inherit the split-tunnel policy from the default group
policy or select a policy from the menu. The menu options are to tunnel all networks, tunnel those
in the network list below, or exclude those in the network list below.
• Split Tunnel Network List—Specifies whether to inherit the split-tunnel network list from the
default group policy or choose from the drop-down list.
• Manage—Opens the ACL Manager dialog box, in which you can manage standard and extended
access control lists.
• Address Pools—Configures the address pools available through this group policy.
–
Available Pools—Specifies a list of address pools for allocating addresses to remote clients.
Unchecking the Inherit check box with no address pools in the Assigned Pools list indicates that
no address pools are configured and disables inheritance from other sources of group policy.
–
Add—Moves the name of an address pool from the Available Pools list to the Assigned Pools
list.
–
Remove—Moves the name of an address pool from the Assigned Pools list to the Available
Pools list.
–
Assigned Pools (up to 6 entries)—Lists the address pools you have added to the assigned pools
list. The address-pools settings in this table override the local pool settings in the group. You
can specify a list of up to six local address pools to use for local address allocation. The order
in which you specify the pools is significant. The adaptive security appliance allocates
addresses from these pools in the order in which the pools appear in this command.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——
To Next Page
Loading...
