Wizards
Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote
Access
Cisco ISA500 Series Integrated Security Appliance Administrator Guide
64
2
STEP 2
To establish the SSL VPN tunnels for remote access, choose
SSL VPN
as the VPN
tunnel type.
STEP 3
Click
Begin
.
The SSL VPN Configuration window opens.
STEP 4
In the
Gateway (Basic)
area, enter the following information:
•
Gateway Interface:
Choose the WAN interface that the traffic over the SSL
VPN tunnel passes through.
•
Gateway Port:
Enter the port number used on the SSL VPN gateway. HTTPS
or SSL typically operates on port 443. However, the SSL VPN gateway can
also operate on a user defined port. The firewall should permit the port to
ensure delivery of packets destined for the SSL VPN gateway. The SSL VPN
clients need to enter the entire address pair “Gateway IP Address: Port
Number” for connectting purposes.
•
Certificate File:
Choose a certificate to authenticate the users who want to
access your network resource through the SSL VPN tunnel.
•
Client Address Pool:
The SSL VPN gateway has a configurable address
pool with maximum size of 255 which is used to allocate IP addresses to the
remote clients. Enter the IP address pool for all remote clients. The client is
assigned an IP address by the SSL VPN gateway.
NOTE
Configure an IP address range that does not directly overlap with any
of addresses on your local network.
•
Client Netmask:
Enter the IP address of the netmask used for SSL VPN
clients.
The Client Address Pool is used with the Client Netmask. If they are set as
follows, then the SSL VPN client will obtain a VPN address whose range is
from 10.0.0.1 to 10.0.0.254.
-
Client Address Pool = 10.0.0.0
-
Client Netmask = 255.255.255.0
•
Client Domain:
Enter the domain name used for the SSL VPN clients.
•
Login Banner:
After the user successfully logs into the SSL VPN server, a
configurable login banner is displayed. Enter the message text to display
along with the banner.