Cisco Systems 2.5 Network Router User Manual


21-31
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter 21 Cisco IOS SSL VPN
Editing SSL VPN Connections
Dead Peer Detection Timeouts
Dead Peer Detection (DPD) allows a system to detect a peer that is no longer
responding. You can set separate timeouts that the router can use to detect clients
that are no longer responding, and servers that are no longer responding. The
range for both is from 0 to 3600 seconds.
Configure DNS and WINS servers Button
Click to display the DNS and WINS Servers dialog, which allows you to provide
the IP addresses of the DNS and WINS servers on the corporate intranet that
clients should use when accessing intranet hosts and services.
Configure Advanced Tunnel Options Button
Click to display the Advanced Tunnel Options dialog, which allows you to
configure tunnel settings for split tunneling, split DNS, and proxy server settings
for clients using Microsoft Internet Explorer.
Advanced Tunnel Options
The settings that you make in this dialog allow you to control the traffic that is
encrypted, specify the DNS servers on the corporate intranet, and specify the
proxy server settings that are to be sent to client browsers.
Split Tunneling
Encrypting all tunnel traffic may take excessive system resources. Split tunneling
allows you to specify the networks whose traffic should be encrypted, and exempt
traffic destined for other networks from encryption. You can either specify which
tunnel traffic is to be encrypted or you can specify the traffic that is not to be
encrypted and allow the router to encrypt all other tunnel traffic. You can only
build one list; included and excluded traffic are mutually exclusive.
Click Include traffic and use the Add, Edit, and Delete keys to build a list of
destination networks whose traffic is to be encrypted. Or, click Exclude traffic
and build a list of the destination networks whose traffic is not to be encrypted.
Click Exclude Local LANs to explicitly exempt from encryption any client traffic
destined for LANs that the router is connected to. If there are networked printers
on these LANs, you must use this option.
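The following is an added example, not part of the Cisco guide: a small Python model of the single include-or-exclude list described above, used to check which sensitive destinations would leave the client outside the encrypted tunnel. The class and function names, the sample addresses, and the rule that the Exclude Local LANs exemption is evaluated first are assumptions of this sketch, not documented router behavior.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class SplitTunnelPolicy:
    """Hypothetical model of the dialog: one list, include OR exclude."""
    mode: str                 # "include" or "exclude"; the two are mutually exclusive
    networks: list            # CIDR strings making up the single list
    exclude_local_lans: bool = False
    local_lans: list = field(default_factory=list)  # assumed local LAN prefixes

    def __post_init__(self):
        if self.mode not in ("include", "exclude"):
            raise ValueError("mode must be 'include' or 'exclude'")
        self._nets = [ipaddress.ip_network(n) for n in self.networks]
        self._lans = [ipaddress.ip_network(n) for n in self.local_lans]

    def is_encrypted(self, dest: str) -> bool:
        ip = ipaddress.ip_address(dest)
        # Assumption of this model: the local-LAN exemption is checked first.
        if self.exclude_local_lans and any(ip in n for n in self._lans):
            return False
        listed = any(ip in n for n in self._nets)
        # Include list: only listed networks are encrypted.
        # Exclude list: everything except listed networks is encrypted.
        return listed if self.mode == "include" else not listed


def cleartext_exposure(policy, sensitive_hosts):
    """Return the sensitive hosts whose traffic would bypass the tunnel."""
    return [h for h in sensitive_hosts if not policy.is_encrypted(h)]


# Constructed sample policies and addresses (not taken from the guide).
INCLUDE = SplitTunnelPolicy("include", ["10.10.0.0/16"], True, ["192.168.1.0/24"])
EXCLUDE = SplitTunnelPolicy("exclude", ["172.16.50.0/24"])
SENSITIVE = ["10.10.4.20", "10.20.0.5", "172.16.50.9"]

if __name__ == "__main__":
    for name, pol in (("include", INCLUDE), ("exclude", EXCLUDE)):
        print(name, "list leaves outside the tunnel:",
              cleartext_exposure(pol, SENSITIVE))
```

An include list fails open for any intranet network that was left off it, while an exclude list fails closed, which is worth weighing when choosing between the two.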