21-41
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter 21 Cisco IOS SSL VPN
Additional Help Topics
• One Cisco IOS SSL VPN context can support multiple group policies.
• Each context must have one associated gateway.
• One gateway can support multiple contexts.
• If there is more than one group policy on the router, a AAA server must be
used for authentication.
Cisco IOS SSL VPN Contexts
A Cisco IOS SSL VPN context identifies resources needed to support SSL VPN
tunnels between remote clients and a corporate or private intranet, and supports
one or more group policies. A Cisco IOS SSL VPN context provides the
following resources:
• An associated Cisco IOS SSL VPN gateway, which provides an IP address
that clients can reach and a certificate used to establish a secure connection.
• Means for authentication. You can authenticate users locally, or by using
AAA servers.
• The HTML display settings for the portal that provides links to network
resources.
• Port forwarding lists that enable the use of Thin Client applets on remote
clients. Each list should be configured for use in a specific group policy.
• URL lists that contain links to resources in the corporate intranet. Each list
should be configured for use in a specific group policy.
• NetBIOS Name Server lists. Each list should be configured for use in a
specific group policy.
These resources are available when configuring Cisco IOS SSL VPN group
policies.
A Cisco IOS SSL VPN context can support multiple group policies. A Cisco IOS
SSL VPN context can be associated with only one gateway.
Cisco IOS SSL VPN Gateways
A Cisco IOS SSLVPN gateway provides a reachable IP address and certificate
for one or more Cisco IOS SSL VPN contexts. Each gateway configured on a
router must be configured with its own IP address; IP addresses cannot be shared
among gateways. It is possible to use the IP address of a router interface, or