CSA MC Unreachable policy

Unanswered Question
Dec 11th, 2008
User Badges:

Hi All ..

I have a requirement whereby my customer wants to lock down their laptops so that they can only access internal addresses. This is easy enough, however when a user takes the laptop out of the office, the customer needs to allow the laptop sufficient access to enable them to connect to a wireless or wired POP, and then launch the VPN client to allow them to access the internal services.

So my idea was to create a state based rule where, if the client can't see the MC, then they get temporary access to external IP addresses to allow them to connect to a POP, and also launch the VPN client. After a set time, all external access is removed to stop the user from accessing the internet.

I have read through this document - (http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/secwlandg20/csa_mobile_secure.html#wp963193)

Which provides an overview of the connectivity i need including detail of a 300second timer which is invoked when the MC becomes unreachable, but it is unclear where to set this timer - any ideas ??

Does anyone have a suggested policy that will achieve what i have described above

Thanks in advance


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion