Configuration Wizards
Using the Remote Access VPN Wizard
Cisco ISA500 Series Integrated Security Appliances Administration Guide 57
2
the IPsec VPN server can assign the IP addresses to the outside
interfaces of remote VPN clients. To define the pool range for remote VPN
clients, enter the starting and ending IP addresses in the Start IP and End
IP fields.
- NEM: Choose this mode for the group policy that is only used for the
Cisco device that supports the Cisco VPN hardware client in NEM mode.
• Client Internet Access: Check this box to automatically create advanced
NAT rules to allow remote VPN clients to access the Internet over the VPN
tunnels. If you uncheck this box, you can manually create advanced NAT
rules. For complete details, see Allowing IPsec Remote VPN Clients to
Access the Internet, page 360.
STEP 9 After you are finished, click Next.
Configuring Access Control Settings
STEP 10 Use the Access Control page to control access from the PC running the Cisco VPN
Client software or the private network of the Cisco VPN hardware client to the
zones over the VPN tunnel. Click Permit to permit access, or click Deny to deny
access.
NOTE: The VPN firewall rules that are automatically generated by the zone access
control settings will be added to the list of firewall rules with the priority higher
than the default firewall rules, but lower than the custom firewall rules.
STEP 11 After you are finished, click Next.
Configuring DNS and WINS Settings
STEP 12 Optionally, use the DNS/WINS page to specify the DNS and domain settings.
• Primary DNS Server: Enter the IP address of the primary DNS server.
• Secondary DNS Server: Enter the IP address of the secondary DNS server.
• Primary WINS Server: Enter the IP address of the primary WINS server.
• Secondary WINS Server: Enter the IP address of the secondary WINS
server.
• Default Domain: Enter the default domain name that should be pushed to
remote VPN clients.
STEP 13 After you are finished, click Next.