Casio ISA550WBUN3K9 User Manual

Page of 479
VPN
Configuring IPsec Remote Access
Cisco ISA500 Series Integrated Security Appliances Administration Guide
359
8
 
Client Internet Access: Check this box to automatically create advanced 
NAT rules to allow remote VPN clients to access the Internet over the VPN 
tunnels. If you uncheck this box, you can manually create advanced NAT 
rules. See 
WAN Failover: Click On to enable WAN Failover, or click Off to disable it. If 
you enable WAN Failover, traffic is automatically redirected to the secondary 
link when the primary link is down.
NOTE: To enable WAN Failover for IPsec Remote Access, make sure that the 
secondary WAN port was configured and the WAN redundancy was set as 
the Load Balancing or Failover mode.
NOTE: The security appliance will automatically update the local WAN 
gateway for the VPN tunnel based on the configurations of the backup WAN 
link. For this purpose, Dynamic DNS has to be configured because the IP 
address will change due to failover and remote VPN clients must use the 
domain name of the IPsec VPN server to establish the VPN connections.
STEP 4
In the Zone Access Control tab, you can control access from the PC running the 
Cisco VPN Client software or the private network of the Cisco VPN hardware 
client to the zones over the VPN tunnels. Click Permit to permit access, or click 
Deny to deny access. 
NOTE: The VPN firewall rules that are automatically generated by the zone access 
control settings will be added to the list of firewall rules with the priority higher 
than the default firewall rules, but lower than the custom firewall rules. 
STEP 5
In the Mode Configuration Settings tab, enter the following information: 
Primary DNS Server: Enter the IP address of the primary DNS server. 
Secondary DNS Server: Enter the IP address of the secondary DNS server. 
Primary WINS Server: Enter the IP address of the primary WINS server.
Secondary WINS Server: Enter the IP address of the secondary WINS 
server. 
Default Domain: Enter the default domain name that should be pushed to 
remote VPN clients. 
Backup Server 1/2/3: Enter the IP address or hostname for the backup 
server. You can specify up to three IPsec VPN servers as backup. When the 
connection to the primary server fails, the VPN clients can attempt to 
connect to the backup servers. The backup server 1 has the highest priority 
and the backup server 3 has the lowest priority.