Specifications
6-5
Cisco ASA 5580 Getting Started Guide
78-18101-01
Chapter 6 Scenario: SSL VPN Clientless Connections
Implementing the Clientless SSL VPN Scenario
Information to Have Available
Before you begin configuring the adaptive security appliance to accept remote
access IPsec VPN connections, make sure that you have the following information
available:
• Name of the interface on the adaptive security appliance to which remote
users will connect. When remote users connect to this interface, the SSL VPN
Portal Page is displayed.
• Digital certificate
The ASA 5580 generates a self-signed certificate by default. For improved
security and to eliminate browser warning messages, you may want to
purchase a publicly trusted SSL VPN certificate before putting the system in
a production environment.
• List of users to be used in creating a local authentication database, unless you
are using a AAA server for authentication.
• If you are using a AAA server for authentication, the AAA Server Group
Name
• The following information about group policies on the AAA server:
–
Server group name
–
Authentication protocol to be used (TACACS, SDI, NT, Kerberos,
LDAP)
–
IP address of the AAA server
–
Interface of the adaptive security appliance to be used for authentication
–
Secret key to authenticate with the AAA server
• List of internal websites or pages you want to appear on the SSL VPN portal
page when remote users establish a connection. Because this is the page users
see when they first establish a connection, it should contain the most
frequently used targets for remote users.
Starting ASDM
This section describes how to start ASDM using the ASDM Launcher software.
If you have not installed the ASDM Launcher software, see
Installing the ASDM
Launcher, page 4-5.