Cisco Systems OL-5532-02 Network Router User Manual


 
Cisco IP Solution Center Integrated VPN Management Suite Security User Guide, 3.2
OL-5532-02
Chapter 4 Remote Access VPN Services
Creating Remote Access VPN Policies
Table 4-6 Cisco IOS Editor Fields

| Field Name | Type | Instructions |
|---|---|---|
| Reverse Route Injection | checkbox | Check to enable reverse route injection (RRI). RRI injects the host route into the routing table for the IP address that was allocated out of the remote access address pool. (RRI uses the host address as the route destination in the route entry of the routing table.) This allows the creation of a static route for a remote, protected network. This feature is also used for Network-Based Remote Access. For more information on Network-Based Remote Access, refer to the Cisco IP Solution Center Integrated VPN Management Suite Network-Based IPsec VPN User Guide, 3.2. |
| Reverse Route Remote Peer | checkbox | To enable this option, you must first check Reverse Route Injection and then you can check Reverse Route Remote Peer, as shown in Figure 4-17. The Reverse Route Remote Peer option creates a route in the routing table for the remote tunnel endpoint. |
| Group Lock | checkbox | The Group Lock option ties user group membership to IKE negotiation user authentication during XAuth. Check the box to enable. Uncheck the box to disable this option. |

Step 3 Click Next to continue to the Remote Access VPN Policy – PIX Firewall Editor page as described in the “Defining PIX Firewall-Specific Parameters” section on page 4-17.

Defining PIX Firewall-Specific Parameters

Perform the following steps if you are provisioning remote access on Cisco PIX security appliances in your network:

Step 1 The Remote Access VPN Policy – PIX Firewall Editor page appears as shown in Figure 4-18.