Filter
Top Products
35-87
Cisco ASDM User Guide
OL-16647-01
Chapter 35 General
Advanced Easy VPN Properties
–
Add—Moves the specified IP address and mask to the IP Address/Mask list.
–
Remove—Moves the selected IP address and mask pair from the IP Address/Mask list to the
individual IP Address and Mask fields in this area.
–
IP Address/Mask—Lists the configured IP address and mask pairs to be operated on by the
Enable or Clear functions in this area.
• IPSec Over TCP—Configure the Easy VPN Remote connection to use TCP-encapsulated IPSec.
–
Enable—Enables IPSec over TCP.
Note Choose Configuration > VPN > IPSec > Pre-Fragmentation, double-click the outside
interface, and set the DF Bit Setting Policy to Clear if you configure the Easy VPN Remote
connection to use TCP-encapsulated IPSec. The Clear setting lets the security appliance
send large packets.
–
Enter Port Number—Specifies the port number to use for the IPSec over TCP connection.
• Server Certificate—Configures the Easy VPN Remote connection to accept only connections to
Easy VPN servers with the specific certificates specified by the certificate map. Use this parameter
to enable Easy VPN server certificate filtering. To define a certificate map, go to Configuration >
VPN > IKE > Certificate Group Matching > Rules.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——