Configuring VPN
Configuring SSL VPN for Browser-Based Remote Access
Cisco SA500 Series Security Appliances Administration Guide 161
7
• When two policies are in conflict, a more specific policy takes precedence
over a general policy. For example, a policy for a specific IP address takes
precedence over a policy for a range of addresses that includes this IP
address.
A policy can be offered to the VPN Tunnel, Port Forwarding, or both.
After you define a policy, it goes into effect immediately. However, if Remote
Management (RMON) is not enabled, SSL VPN access will be blocked. See RMON
(Remote Management), page 197.
If you are creating a policy that applies to a network resource, you first need to
configure a record for the network resource. See Specifying the Network
Resources for SSL VPN, page 163.
STEP 1 Click VPN > SSL VPN Server > SSL VPN Policies.
The SSL VPN Policies window opens.
STEP 2 In the Query area, choose which policies to display in the List of SSL VPN Policies
table.
• View List of SSL VPN Policies for: Choose Global for all users, Group for a
particular group, or User for a particular user.
• Available Groups: If you chose Group as the query type, choose the name
from this list.
• Available Users: If you chose User as the query type, choose the name from
this list.
• Click Display to run the query.
STEP 3 To add an SSL VPN policy, click Add.
Other options: Click the Edit button to edit an entry. To delete an entry, check the
box and then click Delete. To select all entries, check the box in the first column of
the table heading.
After you click Add or Edit, the SSL VPN Policy Configuration window opens.
STEP 4 In the Policy For area, enter the following information:
• Policy For: Choose the type of policy: Global, Group, or User. If you choose
Group, also choose the group from the Available Groups list. If you choose
User, also choose the user from the Available Users list.
To Next Page
Loading...
