Chapter 11
Scenario: SSL VPN Clientless Connections
Implementing the Clientless SSL VPN Scenario
The ASA 5500 series generates a self-signed certificate by default. For improved
Note
security and to eliminate browser warning messages, you may want to purchase a
publicly trusted SSL VPN certificate before putting the system in a production
environment.
Specifying a User Authentication Method
Users can be authenticated either by a local authentication database or by using
external authentication, authorization, and accounting (AAA) servers (RADIUS,
TACACS+, SDI, NT, Kerberos, and LDAP).
In Step 3 of the SSL VPN Wizard, perform the following steps:
If you are using a AAA server or server group for authentication, perform the
Step 1
following steps:
a.
Click the Authenticate using a AAA server group radio button.
Cisco ASA 5500 Series Getting Started Guide
11-8
78-19186-01