65-15
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 65 Configuring Dynamic Access Policies
Understanding VPN Access Policies
–
Delete—Click to delete the selected bookmark from the URL list area. You cannot delete a
bookmark from the adaptive security appliance unless you first delete it from DAP records.
• Access Method Tab—Lets you configure the type of remote access permitted.
–
Unchanged—Continue with the current remote access method.
–
AnyConnect Client—Connect using the Cisco AnyConnect VPN Client.
–
Web-Portal—Connect with clientless VPN.
–
Both-default-Web-Portal—Connect via either clientless or the AnyConnect client, with a
default of clientless.
–
Both-default-AnyConnect Client—Connect via either clientless or the AnyConnect client, with
a default of AnyConnect.
• AnyConnect Tab—Lets you choose the status of the Always-on VPN flag.
–
Always-On VPN for AnyConnect client—Determine if the always-on VPN flag setting in the
AnyConnect service profile is unchanged, disabled, or if the AnyConnect profile setting should
be used.
Note This parameter requires a release of the Cisco IronPort Web Security appliance that
provides Secure Mobility Solution licensing support for the Cisco AnyConnect VPN
client. It also requires an AnyConnect release that supports “Secure Mobility Solution”
features. Refer to the Cisco AnyConnect VPN Client Administrator Guide for additional
information.
Modes
The following table shows the modes in which this feature is available:
Add/Edit AAA Attributes
Figure 65-4 shows the Add AAA Attribute dialog box.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
•••——
To Next Page
Loading...
