Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DAP rule for ezvpn remote

Hi,

I am currently using ezvpn for branch office and remote access and I have a plan to deploy SSL vpn.

The device i use is ASA5510.

At the same time i deploy SSL vpn, I will start using DAP.

My question is what kind of DAP rule i should create for ezvpn remote.

I fould out the way for ezvpn client in the thread below.

(select "application" endpoint attribute type and set the "client type" to "IPsec".)

https://supportforums.cisco.com/thread/255314;jsessionid=9D14A1315618488A914DE8DB621470A3.node0?tstart=-1

Does this work with ezvpn remote as well?

Thanks in advance.

1 REPLY
New Member

Re: DAP rule for ezvpn remote

I think I need to give some additiona information.

Since I currently do not use DAP, ezvpn remote and client is allowed to communicate by default DAP record which is DfltAccessPolicy.

After depolying SSL VPN, I would like to use DfltAccessPolicy to block the session. (like an "implicit deny all" in ACL)

I belive usually DfltAccessPolicy is used in this way..

That means I need to create another DAP rule for ezvpn remote and client to prevent being blocked.

My question is what kind of attribute I need to look at to allow ezvpn remote.

Thanks in advance.

276
Views
0
Helpful
1
Replies
CreatePlease to create content