Index
A
AAA, comparing VPN 3000 with ASA 1-6
AAA server groups, adding AAA hosts 5-23
AAA servers, tunnel group 2-3
accounting
management traffic, VPN 3000 vs. ASA 1-6
RADIUS, comparing VPN 3000 with ASA 1-6
ACL manager 5-16
ACLs
adding 5-15
bypassing
LAN-to-LAN IPSec traffic 4-20
remote access 4-32
comparing VPN 3000 with ASA 1-9
configuring for LAN-to-LAN 4-16
downloadable 1-4
adaptive security appliance, overview 2-1
Advanced Inspection and Prevention Security Services Module (AIPSSM) 1-3
AES 4-12
Aggressive Mode 1-3
AIP SSM 1-3
Are You There (AYT) firewall policy 5-9, 5-14
ASA system, overview 2-1
authentication, certificate 4-6
B
bandwidth reservation, comparing VPN 3000 with ASA 1-8
base group 2-2
C
Central Protection Policy (CPP) 5-9, 5-14
certificate enrollment
authenticating to the CA 4-6
generating key pairs 4-2
summary of steps 4-2
trustpoint configuration 4-4
certificate management in ASDM 4-8
CLI 1-3
client address assignment method, tunnel group 2-3
client configuration parameters, group policy 2-5
client firewall 5-13
Are You There (AYT) policy 5-9, 5-14
Central Protection Policy (CPP) 5-9, 5-14
configuring 5-9
allowing HTTP traffic 5-17
default 5-9
rules for firewall filters 5-9
group policy 5-11
local 5-9
policies 5-13
client firewall options, group policy 2-5
configuring
AAA hosts 5-23
ACLs 4-16, 5-15
address management method 3-3
address pools 5-20
administrator password 3-4
authentication 3-3
client firewall 5-9
crypto map, IPSec LAN-to-LAN tunnel 4-18
default client firewall 5-9
dynamic crypto map, remote-access tunnel 4-30
extended access list rule 5-15
external authentication 5-26
external server 5-20
external server group 5-21
group policy, client firewall 5-11
interfaces
IPSec LAN-to-LAN tunnel 4-10, 4-14
remote-access tunnel 4-22, 4-25
internal server user database 3-3
IP interfaces 3-2
IPSec group 3-3
IPSec LAN-to-LAN tunnel 4-9
ISAKMP policy
IPSec LAN-to-LAN tunnel 4-11
remote-access tunnel 4-23
load balancing 6-1
network list 5-1
QoS 6-5
RADIUS 5-20
split tunneling 5-1
system information 3-2
transform set, remote-access tunnel 4-27
tunnel group
IPSec LAN-to-LAN tunnel 4-17
remote-access tunnel 4-28
split tunneling 5-6
tunneling protocols and options 3-2
user access, remote-access tunnel 4-26
configuring users 1-3
connection timeout, TCP 1-4
connection type, tunnel group 2-3
crypto map
applying to interfaces 4-20
configuring for LAN-to-LAN 4-18
creating for using dynamic crypto map 4-32
D
data integrity, Phase 2, default setting 1-2
dbgtrace logging levels, security appliance 1-3
DefaultL2LGroup 2-2
DefaultRAGroup 2-2
Denial of Service (DoS) attack 1-3
DES, IKE policy keywords (table) 4-12
DfltGrpPolicy 2-3
Diffie-Hellman, groups supported 4-12
DNS servers, group policy 2-5
documentation
additional ix
cautions xi
notes xi
DoS attack 1-3
dynamic crypto map
configuring for remote access 4-30
crypto map usage 4-32
E
encryption algorithm, default 1-1
enrolling for certificate
authenticating to the CA 4-6
generating key pairs 4-2
summary of steps 4-1
trustpoint configuration 4-4
enrolling for identity certificate 4-7
extended access list rule 5-15
external authentication, configuring for tunnel group 5-26
external server
configuring 5-20
protocols supported 5-22
external server group, configuring 5-21
EzVPN client 2-6
F
fallback, VPN 3000 vs. ASA 1-6
feature map, VPN 3000 to security appliance 1-1
filters
comparing VPN 3000 with ASA 1-9
group policy 2-4
VPN 3000 1-4
firewall
client 5-9
unlocking, comparing VPN 3000 with ASA 1-9
firewall policy 5-13
firewall types 5-13
G
Group 5, Diffie-Hellman 4-12
group policy
attributes 2-4
client firewall 5-11
default 2-3
defined 2-4
split tunneling 5-4
groups 2-2
H
HTTP traffic 5-17
hub-and-spoke configuration 1-3
hybrid server group, support on VPN 3000 vs. ASA 1-6
I
identity, group policy 2-4
identity certificate, enrolling 4-7
IKE
negotiation 1-2
Phase 2 Data Integrity, enabling 1-10
policy keywords 4-11
inspection, packet 1-3
interfaces
configuring for LAN-to-LAN 4-10
configuring for remote access 4-22, 4-25
IP address pool, configuring 5-20
IPSec
comparing VPN 3000 with ASA 1-6
LAN-to-LAN, permitting 4-20
parameters
group policy 2-5
tunnel group 2-3
remote access, permitting 4-32
tunnel mode 4-14
IPSec LAN-to-LAN tunnel
configuring ACLs 4-16
configuring crypto map 4-18
configuring interfaces 4-10, 4-14
configuring ISAKMP Policy 4-11
configuring tunnel group 4-17
ISAKMP
configuring 4-11, 4-23
enabling Phase 2 data integrity 1-10
K
key length, RSA 1-5
key pairs, generating 4-2
L
L2TP, L2TP over IPSec, and PPTP 1-1
LAN-to-LAN tunnel, configuring 4-9
license, comparing VPN 3000 with ASA 1-5
load balancing
comparing VPN 3000 with ASA 1-7
configuring 6-1
logging, event, VPN 3000 1-3
low-latency queueing (LLQ), comparing VPN 3000 with ASA 1-8
low memory, action 1-2
M
management traffic accounting, VPN 3000 vs. ASA 1-6
managing certificates in ASDM 4-8
MD5 4-12
memory red condition 1-2
minimum bandwidth guarantee, comparing VPN 3000 with ASA 1-8
modes, comparing VPN 3000 with ASA 1-7
N
navigation map for ASDM A-1
network list, configuring 5-1
network mask 1-4
nice reboot 1-2
O
object group, comparing VPN 3000 with ASA 1-7
P
packet inspection 1-3
permitting IPSec traffic
LAN-to-LAN 4-20
remote access 4-32
Phase 2 data integrity
default setting 1-2
enabling 1-2, 1-10
PKI
certificate 1-5
implementation on ASA 2-8
new CLI commands 2-8
policing, comparing VPN 3000 with ASA 1-8
protocols, external servers 5-22
Q
Quality of Service (QoS)
comparing VPN 3000 with ASA 1-8
configuring 6-5
Quick Configuration program, VPN 3000 3-1
R
RADIUS accounting, VPN 3000 vs. ASA 1-6
RADIUS server, configuring 5-20
reboot, nice 1-2
related documentation x
remote-access tunnel
configuring 4-21
configuring dynamic crypto map 4-30
configuring interfaces 4-22, 4-25
configuring ISAKMP policy 4-23
configuring transform set 4-27
configuring tunnel group 4-28
configuring user access 4-26
RSA key length 1-5
S
servers, group policy 2-5
service policy rule wizard 6-5
session timeout, TCP 1-4
SHA, IKE policy keywords (table) 4-12
Split DNS 5-8
split tunneling
configuring 5-1
firewalls 5-9
group policy 5-4
tunnel group 5-6
syslog levels, security appliance 1-3
T
TCP connection timeout 1-4
timeout, TCP connection 1-4
transform set, configuring for remote access 4-27
Triple DES, IKE policy keyword (table) 4-12
trustpoint 1-5, 4-4
tunnel group
attributes 2-2
configuring for LAN-to-LAN 4-17
configuring for remote access 4-28
default 2-2
external authentication 5-26
tunneling protocols, group policy 2-4
U
user management, differences from the VPN 3000 2-2
users
account attributes 2-7
adding for remote access 4-26
configuring 1-3
V
VPN 3000 features in ASA 2-1
VPN 3002 hardware client See EzVPN client
VPN client
configuring a client firewall to allow HTTP traffic 5-17
firewall options 5-9
firewall policy 5-14
stateful firewall 5-13
VPN Wizard 3-4
W
WebVPN
comparing VPN 3000 with ASA 1-5
connection parameters, group policy 2-6
wildcard mask 1-4
WINS servers, group policy 2-5
wizards
service policy rule 6-5
VPN 3-4