Cisco SA520-K9 Administration Guide - Page 160

Configuring VPN Configuring SSL VPN for Browser-Based Remote Access 7 The User Configuration window opens. STEP 3 Enter the following information: • User Name: Enter a unique identifier for the user. It can include any alphanumeric characters. • First Name: Enter the user's first name. • Last Name: Enter the user's last name. • User Type: Choose SSL VPN User. • Select Group: Choose SSLVPN. • Password: Enter a password that contains alphanumeric, '-' or '_' characters. • Confirm Password: Enter the password again. • Idle Timeout: Enter the time in minutes that the user can be inactive before the session is disconnected. Enter any value from 0 to 999. The timeout value for the individual user has precedence over the timeout for the group. If the user's timeout value is set to 0, the group timeout setting applies. NOTE Every user is added as a local user with password, and when the user is assigned to an external authentication mechanism based on the group, certain attributes such as the local password are ignored. STEP 4 Click Apply to save your settings. Creating the SSL VPN Policies SSL VPN Policies give configured SSL users access to services and network resources. A policy applies to a specific network resource, IP address, or IP address range on the LAN, or to other SSL VPN services that are supported by the security appliance. By default, a global PERMIT policy (not displayed) is preconfigured over all addresses and over all services and ports. You can create user, group, and global policies. Policies are applied based on the following levels of precedence: • User-level policies take precedence over Group-level policies. • Group-level policies take precedence over Global policies. Cisco SA500 Series Security Appliances Administration Guide 160