Cisco Systems OL-16647-01 Network Router User Manual


35-54
Cisco ASDM User Guide
OL-16647-01
Chapter 35 General
Mapping Certificates to IPSec or SSL VPN Connection Profiles
Operator—Select the operator used in the rule:
  Equals—The distinguished name field must exactly match the value.
  Contains—The distinguished name field must include the value within it.
  Does Not Equal—The distinguished name field must not match the value.
  Does Not Contain—The distinguished name field must not include the value within it.
Value—Enter up to 255 characters to specify the object of the operator.
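The four operators above, modelled as an added example (not Cisco code and not part of the original guide), to show how loosely Contains and the negative operators can match. It assumes case-sensitive comparison, that a missing DN field is treated as an empty string, and that the first profile whose rules all match is selected; the profile names and certificate subjects are constructed.

```python
# Added illustration of the rule operators described above; not ASA/ASDM code.
# Assumptions of this model: case-sensitive comparison, a missing DN field is
# treated as an empty string, and the first profile whose rules all match wins.
MAX_VALUE_LEN = 255  # "Enter up to 255 characters"

OPERATORS = {
    "Equals": lambda field, value: field == value,
    "Contains": lambda field, value: value in field,
    "Does Not Equal": lambda field, value: field != value,
    "Does Not Contain": lambda field, value: value not in field,
}


def rule_matches(subject, dn_field, operator, value):
    """Evaluate one (field, operator, value) rule against a subject DN dict."""
    if len(value) > MAX_VALUE_LEN:
        raise ValueError("rule value exceeds 255 characters")
    return OPERATORS[operator](subject.get(dn_field, ""), value)


def profile_for(subject, mappings):
    """Return the first connection profile whose rules all match, else None."""
    for profile, rules in mappings:
        if all(rule_matches(subject, *rule) for rule in rules):
            return profile
    return None


def audit(mappings, subjects):
    """Map each test certificate name to the profile it would land in."""
    return {name: profile_for(dn, mappings) for name, dn in subjects.items()}


# Constructed certificate subjects (hypothetical names and values).
SUBJECTS = {
    "alice": {"OU": "Engineering", "T": "Dr."},
    "bob": {"OU": "Non-Engineering Contractors"},
    "carol": {"T": "Dr."},  # certificate with no OU at all
}
# Hypothetical profiles: a loose rule set and a stricter one.
LOOSE = [("EngVPN", [("OU", "Contains", "Engineering")]),
         ("GuestVPN", [("OU", "Does Not Equal", "Engineering")])]
STRICT = [("EngVPN", [("OU", "Equals", "Engineering")]),
          ("GuestVPN", [("OU", "Does Not Equal", "Engineering"),
                        ("OU", "Does Not Equal", "")])]

if __name__ == "__main__":
    print("loose :", audit(LOOSE, SUBJECTS))
    print("strict:", audit(STRICT, SUBJECTS))
```

In the loose set, bob's OU merely contains the string and carol has no OU, yet both are assigned a profile; the strict set maps bob to the guest profile and leaves carol unmatched.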
Modes
The following table shows the modes in which this feature is available:
Configure Site-to-Site Tunnel Groups
The Tunnel Groups window shows the attributes of the currently configured Site-to-Site tunnel groups,
lets you select the delimiter to use when parsing tunnel group names, and lets you add, modify, or delete
tunnel groups.
Fields
Add—Opens the Add IPSec Site-to-Site Tunnel Group dialog box.
Edit—Opens the Edit IPSec Site-to-Site Tunnel Group dialog box.
Delete—Removes the selected tunnel group. There is no confirmation or undo.
Table of Tunnel Groups—Lists the tunnel group name, CA Certificate, IPSec protocol status
(enabled or disabled), and group policy applied for each configured tunnel group.
Group Delimiter—Selects the delimiter character to use when parsing tunnel group names from the
usernames that are received when tunnels are being negotiated.
DN Field                    Definition
Surname (SN)                The family name or last name of the certificate owner.
State/Province (S/P)        The state or province where the organization is located.
Title (T)                   The title of the certificate owner, such as Dr.
User ID (UID)               The identification number of the certificate owner.
Unstructured Name (UNAME)   The unstructuredName attribute type specifies the name or names of a
                            subject as an unstructured ASCII string.
IP Address (IP)             IP address field.
Firewall Mode             Security Context
Routed    Transparent     Single    Multiple: Context    Multiple: System
——