Professional Documents
Culture Documents
Security Device
Manager
Lesson 17
Internet
SSL Secure Tunnel
* ASDM Version 5.2 is not supported on the PIX 501 or 506 Security Appliance.
© 2007 Cisco Systems, Inc. All rights reserved. SNPA v5.0—17-4
ASDM Security Appliance Requirements
Windows
Sun Solaris
Linux
Run ASDM as a:
Local application
Java applet
Launch
Startup
Wizard
Before you can use ASDM, you need to enter the following
information on the security appliance via a console terminal:
Time
Inside IP address
Inside network mask
Host name
Domain name
Enable the HTTP server on the security appliance
IP addresses of hosts authorized to access
HTTP server
If more than one ASDM image is stored in the flash memory of your security
appliance, also specify the ASDM image to be used.
Device
Information Interface
- General Status
- License
VPN Status
Traffic
System
Status
Resources
Syslog
Messages
License tab
Startup Wizard
Interfaces
NAT and PAT
Hostname
Domain name
Enable password
VPN Wizard
Site-to-Site
Remote Access
High Availability
and Scalability
Wizard
Active/Active
Failover
Active/Standby
Failover
VPN Cluster Load
Balancing
Configuration
Interface
Security Policy
NAT
VPN
IPS or Trend
Micro Content
Security
CSD Manager
Routing
Global Objects
Properties
IP address
– Static
– DHCP
Same security
level
Access Rules
AAA Rules
Filter Rules
Service Policy
Rules
Translation Rules
– NAT
– Policy NAT
– NAT exemption
– Maximum
connections
– Embryonic
connections
NAT0
Edit VPN
General
IKE
IPsec
IP Address
Management
Load Balancing
NAC
WebVPN
E-Mail Proxy
Note: Use the Remote Access or Site-to-Site VPN Wizard for new VPN connections.
© 2007 Cisco Systems, Inc. All rights reserved. SNPA v5.0—17-22
VPN Policy Configuration
Client Firewall
WebVPN
General
NAC
IPsec
Hardware
Client Client
Configuration
Static Routes
Dynamic Routing
– OSPF
– RIP
Multicast
– IGMP
– MRoute
– PIM
Proxy ARPs
Network Object
Groups
IP Names
Service Groups
Class Maps
Inspect Maps
Regular
Expressions
TCP Maps
Time Ranges
Interfaces
VPN
IPS or Trend
Micro Content
Security
Routing
Properties
Logging
Flow lookup
Route lookup
Access list
System:
Configuration
Monitoring
Context:
Configuration
Monitoring
System Configuration:
Interfaces
Resource Class
Security Contexts
High Availability
and Scalability
Wizard
Failover
Properties
Context Configuration:
Interfaces
Security Policy
NAT
IPS or Trend Micro
Content Security
Routing
Global Objects
Properties
Context Monitoring:
Interfaces
IPS or Trend
Micro Content
Security
Routing
Properties
Logging
10.0.P.0 10.0.Q.0
.100 .100
RTS RTS