EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1948 background imageLoading...
Page #1948 background image
1-20
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring AnyConnect VPN Client Connections
Configuring AnyConnect Connections
Translation Tables' Templates:
AnyConnect
PortForwarder
csd
customization
keepout
url-list
webvpn
Citrix-plugin
RPC-plugin
Telnet-SSH-plugin
VNC-plugin
Translation Tables:
es-us AnyConnect
Configuring Advanced AnyConnect SSL Features
The following section describes advanced features that fine-tune AnyConnect SSL VPN connections,
and includes the following sections:
• Enabling Rekey, page 1-20
• Enabling and Adjusting Dead Peer Detection, page 1-21
• Enabling Keepalive, page 1-21
• Using Compression, page 1-22
• Adjusting MTU Size, page 1-23
• Updating AnyConnect Client Images, page 1-23
Enabling Rekey
When the ASA and the AnyConnect client client perform a rekey on an SSL VPN connection, they
renegotiate the crypto keys and initialization vectors, increasing the security of the connection.
To enable the client to perform a rekey on an SSL VPN connection for a specific group or user, use the
anyconnect ssl rekey command from group-policy or username webvpn modes.
[no]anyconnect ssl rekey {method {new-tunnel | none | ssl} | time minutes}
method new-tunnel specifies that the client establishes a new tunnel during rekey.
method ssl specifies that the client estanyablishes a new tunnel during rekey.
method none disables rekey.
Note Configuring the rekey method as ssl or new-tunnel specifies that the client establishes a new
tunnel during rekey instead of the SSL renegotiation taking place during the rekey. See the Cisco
ASA 5500 Series Command Reference, 8.4 for a history of the anyconnect ssl rekey command.
time minutes specifies the number of minutes from the start of the session, or from the last rekey, until
the rekey takes place, from 1 to 10080 (1 week).
In the following example, the client is configured to renegotiate with SSL during rekey, which takes
place 30 minutes after the session begins, for the existing group-policy sales:
hostname(config)# group-policy sales attributes

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals