1 / 26

ASA 5505 SSL VPN

ASA 5505 SSL VPN. Joe Cicero Northeast Wisconsin Technical College. About SSL VPN Client Connections. With an SSL VPN client setup, remote users do not need to install a software client before attempting to establish a connection.

masato
Download Presentation

ASA 5505 SSL VPN

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ASA 5505SSL VPN Joe Cicero Northeast Wisconsin Technical College

  2. About SSL VPN Client Connections • With an SSL VPN client setup, remote users do not need to install a software client before attempting to establish a connection. • With correct credentials any user with a browser can connect to internal resources on the network

  3. Starting the “SSL VPN Wizard”

  4. Setting Your Connection Type • The ASA 5505 provides two types of SSL VPN Access. • Clientless SSL VPN Access, no additional software is downloaded and installed to obtain access to SUPPORTED internal resources. • Cisco SSL VPN Client (Anyconnect VPN Client), The ASA pushes a self-installing client to the remote PC that allows FULL, secure access to internal resource.

  5. Setting Your Connection Type

  6. Interface, Certificate, and Group Settings • Connection Name • Provide a connection name for this group of connection-oriented attributes. • SSL VPN Interface • Specify the interface to allow SSL VPN connections. • Digital Certificate • Specify a certificate, if any, that the security appliance sends to the remote PC. • Connection Group Settings • You can enable the security appliance to display a group alias for this connection on the login page. • Display Group Alias list at the login page—Enable to display the group alias.

  7. Setting the VPN Interface

  8. Configuring User Authentication • Authenticate using a AAA server group—Enable to let the security appliance contact a remote AAA server group to authenticate the user. • AAA Server Group Name—Select a AAA server group from the list of pre-configured groups, or click New to create a new group. • Authenticate using the local user database—Add new users to the local database stored on the security appliance. • Username—Create a username for the user. • Password—Create a password for the user. • Confirm Password—Re-type the same password to confirm. • Add/Delete—Add or delete the user from the local database.

  9. Configuring User Authentication

  10. Defining a Group Policy • Group policies configure common attributes for groups of users. Create a new group policy or select an existing one to modify. • Create new group policy • Enable to create a new group policy. Provide a name for the new policy. • Modify existing group policy • Select an existing group policy to modify.

  11. Defining a Group Policy

  12. Creating a Bookmark List • Bookmark lists appear on the portal page for Clientless, browser-based connections. SSL VPN client users can see these bookmarks to enable easy access to resources. • Bookmark List • Select an existing list or click Manage to create a new list, or import or export bookmark lists.

  13. Creating a Bookmark List

  14. Confirming No Bookmark

  15. Summary Screen

  16. Client Connection • To connect to the SSL VPN you simply use a browser to connect to the external interface of your ASA 5505 via https! • The following pages will show you what the SSL VPN looks like from a Mozilla client.

  17. Client Connection

  18. You will need to accept certificates

  19. Questions / Comments

More Related