Manualshelf

System information

ManualsBrandsCisco ManualsComputer equipment3005 - VPN Concentrator - Gateway
12345678910
10
Release Notes for Cisco VPN 3000 Series Concentrator, Release 3.6 Through 3.6.8.B
OL-5637-02
New Features in Release 3.6.1
NAT over LAN-to-LAN
Release 3.6.1 allows LANs with overlapping or same IP addresses between VPN 3000 Concentrators
using static, dynamic, and PAT rules. To answer the need for hosts to communicate across overlapping
LANs, the private address space must be translated (NATed).
IPSec Fragmentation
The IPSec fragmentation policy specifies how to treat packets that exceed the MTU setting when
tunneling traffic through the public interface. This feature provides a way to handle cases where a router
or NAT device between the VPN Concentrator and the VPN Client rejects or drops IP fragments. There
are three options:
Do not fragment prior to IP encapsulation; fragment prior to interface transmission.
Fragment prior to IPSec encapsulation with Path MTU Discovery (ICMP).
Fragment prior to IPSec encapsulation without Path MTU Discovery (Clear DF bit).
To configure this option, go to Configuration | Interface | Ethernet 123 | General tab. VPN 3000 Series
Concentrator Reference Volume 1: Configuration explains these options and gives an example of their
use.
Certificate DN Group Matching
In release 3.6.1, you can define rules to match a user’s certificate to a permission group based on fields
in the Distinguished Name (DN). To specify a policy for group matching by rules, you must define the
rules and enable each rule for a selected group that already exists in the configuration. For more
information, refer to the description of the Configuration | Policy Management | Certificate Group
Matching screen in VPN 3000 Series Concentrator Reference Volume 1: Configuration.
IPSec Backup Servers Feature Now Applies to the VPN Client
The description of the IPSec Backup Servers feature in the VPN 3000 Concentrator Series Reference
documentation indicates that it applies only to the VPN3002 Hardware Client. The feature now applies
to the Software Client as well. For information about this feature and how to configure it, on the VPN
Concentrator, see VPN Client Administrator Guide, Chapter 1. For information about how to configure
Backup Servers in the VPN Client, see VPN Client User Guide (CSCdy09630).
Online Help Enhancements
Online help is now easier to use. Release 3.6.1 provides a global help Table of Contents that lets you
view and navigate all available help topics. It also offers a search engine, an index, and a glossary.