I'm setting up a Cisco ASA to terminate remote VPN client connections but I want to ensure that the stateful firewall is enabled on the client.
I know that this is possible with the VPN Concentrator but can't see any documentation detailing this can be achieved on an ASA.
Anybody come across this?
I believe you can use the group policy settings to configure client firewall.
You can find more informations about this feature in the migration guide at http://www.cisco.com/en/US/docs/security/asa/asa72/vpn3000_upgrade/upgrade/guide/migrate.html.
Hope this help.
Step 1 Under the Configuration > VPN > General > Group Policy panel, select the group policy in the table and
click Edit. ASDM displays the Edit Group Policy dialog box.
Step 2 Click the Client Firewall tab. Figure 5-6 shows the client firewall options configured for this example:
â¢ Inherit-unchecked (disabled)
â¢ Firewall Setting-Firewall Required
â¢ Firewall Type-Cisco Integrated Client Firewall
â¢ Firewall Policy-Policy Pushed (CPP)