Cisco ASDM User Guide, 6.1 - Index [Cisco Adaptive Security Device Manager]

Table Of Contents

Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - R - S - T - U - V - W - X - Z

Index

Numerics

4GE SSM

connector types 6-2, 7-2

fiber 6-2, 7-2

SFP 6-2, 7-2

support A-9

802.1Q trunk 6-3, 7-5

A

AAA

about 14-1, 15-1, 16-1

auditing session traffic 15-49

authentication

CLI access 15-4, 15-5

interactive 15-10

network access 15-6

authorization

command 15-19

network access 14-10

server

adding 15-34

supported types 14-13

web clients 15-11

AAA server group, add (group-policy) 36-6

ABR

definition of 10-2

Access Control Server 35-24

Access Group panel 11-2

description 11-2

fields 11-2

accounting

about 14-12

supported servers 14-12

Accounting tab, tunnel group 36-66

ACE

add/edit/paste 36-15

Extended ACL tab 36-14

ACL

enabling IPSEC authenticated inbound sessions to bypass ACLs 36-80, 39-28

extended 36-14

for Clientless SSL VPN 36-41

standard 36-14

ACL Manager

Add/Edit/Paste ACE 36-15

dialog box 36-13

Active/Active failover

about 13-2

command replication 13-2

configuration synchronization 13-2

Active/Standby failover 13-2

ActiveX

object filtering, benefits of 27-6

Add/Edit Access Group dialog box 11-3

description 11-3

fields 11-3

Add/Edit Filtering Entry dialog box 10-9

description 10-9

fields 10-9

Add/Edit IGMP Join Group dialog box 11-4

description 11-4

fields 11-4

Add/Edit IGMP Static Group dialog box 11-7

description 11-7

fields 11-7

Add/Edit Multicast Group dialog box 11-18

description 11-18

fields 11-18

Add/Edit Multicast Route dialog box

description 11-8

fields 11-8

Add/Edit OSPF Area dialog box 10-5

description 10-5

fields 10-6

Add/Edit OSPF Neighbor Entry dialog box 10-17

description 10-17

fields 10-18

Restrictions 10-17

Add/Edit Periodic Time Range dialog box 20-16

Add/Edit Redistribution dialog box 10-16

description 10-16

fields 10-16

Add/Edit Rendezvous Point dialog box 11-16

description 11-16

fields 11-17

restrictions 11-17

Add/Edit Route Summarization dialog box 10-8

about 10-8

fields 10-8

Add/Edit SSH Configuration dialog box 17-21

Add/Edit Summary Address dialog box

description 10-19

fields 10-19

Add/Edit Time Range dialog box 20-15

Add/Edit Virtual Link dialog box 10-20

description 10-20

fields 10-20

address assignment, client 36-67

Address Pool panel, VPN wizard 33-11

address pools, tunnel group 36-67

Address Translation Exemption panel, VPN wizard 33-12

admin context

overview 9-1

administrative access

using ICMP for 17-5

Advanced DHCP Options dialog box 12-7

description 12-7

fields 12-7

Advanced OSPF Interface Properties dialog box 10-14

description 10-14

fields 10-14

Advanced OSPF Virtual Link Properties dialog box 10-21

description 10-21

fields 10-21

Advanced tab, tunnel group 36-67

AIP SSM

about 29-1

configuration 29-4

sending traffic to 29-6

support A-9

alternate address, ICMP message 17-52

APN, GTP application inspection 25-86

APPE command, denied request 25-80

application access

and e-mail proxy 38-7

and Web Access 38-7

configuring client applications 38-6

enabling cookies on browser 38-6

privileges 38-6

quitting properly 38-6

setting up on client 38-6

using e-mail 38-7

with IMAP client 38-7

application firewall 25-93

application inspection

about 25-2

applying 25-4

configuring 25-4

described 25-58

enabling for different protocols 25-27

security level requirements 6-4, 7-8

Apply button 1-10

Area/Networks tab 10-5

description 10-5

fields 10-5

area border router 10-2

ARP inspection

configuring 31-1

ARP spoofing 31-2

ARP table

monitoring 42-1

static entry 31-3

ASA 5505

Base license 8-2

client

Xauth 36-84

MAC addresses 8-4

maximum VLANs 8-2

power over Ethernet 8-4

Security Plus license 8-2

SPAN 8-4

ASBR

definition of 10-2

ASDM

version 1-14

attacks

DNS HINFO request 28-15

DNS request for all records 28-15

DNS zone transfer 28-15

DNS zone transfer from high port 28-15

fragmented ICMP traffic 28-14

IP fragment 28-12

IP impossible packet 28-12

large ICMP traffic 28-14

ping of death 28-14

proxied RPC request 28-15

statd buffer overflow 28-16

TCP FIN only flags 28-15

TCP NULL flags 28-14

TCP SYN+FIN flags 28-14

UDP bomb 28-15

UDP chargen DoS 28-15

UDP snork 28-15

attributes

LDAP C-5

policy C-2

RADIUS C-19

Attributes Pushed to Client panel, VPN wizard 33-12

attribute-value pairs

TACACS+ C-26

auditing session traffic 15-49

authenticating a certificate 34-1

authentication

about 14-1

CLI access 15-4, 15-5

network access 15-6

supported servers 14-4

web clients 15-11

Authentication tab 10-10

description 10-10

fields 10-10

Authentication tab, tunnel group 36-64

authorization

about 14-7

command 15-19

network access 14-10

supported servers 14-8

Authorization tab, tunnel group 36-65

Auto-MDI/MDIX 6-2, 7-2

B

backed up configurations

restoring 2-26

backing up configurations 2-25

bandwidth 1-16

banner, view/configure 36-25

Basic tab

IPSec LAN-to-LAN, General tab 36-71

basic threat detection

See threat detection

bridging

MAC address table

learning, disabling 31-6

overview 31-4

static entry 31-6

management IP address 5-1

Browse ICMP 36-19

Browse Other 36-20

Browse Source or Destination Address 36-17

Browse Source or Destination Port 36-18

Browse Time Range 36-11

building blocks 20-1

C

CA certificate 34-1

CA Certificates 34-1

call agents

MGCP application inspection 25-107, 25-108

Cancel button 1-10

capturing packets B-12

CDUP command, denied request 25-80

certificate

CA 34-1

code-signer 34-17

Identity 34-11

Local CA 34-20

certificate authentication 34-1

certificate enrollment 34-3, 34-12

Cisco-AV-Pair LDAP attributes C-14

Cisco Client Parameters tab 36-25

Cisco IP Phones, application inspection 25-21

Cisco LDAP attributes C-5

classes

See resource management

Client Access Rule, add or edit 36-23

Client Address Assignment 36-67

Client Authentication panel, VPN wizard 33-9

Client Configuration tab 36-24

Client Firewall tab 36-28

Clientless SSL VPN

client application requirements 38-2

client requirements 38-2

for file management 38-5

for network browsing 38-5

for web browsing 38-4

start-up 38-3

enable cookies for 38-6

end user set-up 38-1

printing and 38-3

remote requirements

for port forwarding 38-6

for using applications 38-6

remote system configuration and end-user requirements 38-3

security tips 38-2

supported applications 38-2

supported browsers 38-3

supported types of Internet connections 38-3

URL 38-3

username and password required 38-3

usernames and passwords 38-1

use suggestions 38-1

client parameters, configuring 36-24

Client Update, edit , Windows and VPN 3002 clients 36-3

Client Update window, Windows and VPN 3002 clients 36-1

code-signer certificate 34-17

command authorization

configuring 15-19

multiple contexts 14-9

configuration

context files 9-2

factory default 3-1

configurations, backing up 2-25

Configure IGMP Parameters dialog box 11-5

description 11-5

fields 11-5

configuring

CSC activation 30-10

CSC email 30-22

CSC file transfer 30-24

CSC IP address 30-11

CSC license 30-10

CSC management access 30-12

CSC notifications 30-11

CSC password 30-13

CSC Setup Wizard 30-15, 30-19

CSC Setup Wizard Activation Codes Configuration 30-15

CSC Setup Wizard Host Configuration 30-17

CSC Setup Wizard IP Configuration 30-16

CSC Setup Wizard Management Access Configuration 30-17

CSC Setup Wizard Password Configuration 30-18

CSC Setup Wizard Summary 30-20

CSC Setup Wizard Traffic Selection for CSC Scan 30-18

CSC updates 30-25

CSC Web 30-21

connections per second 1-16

context mode

viewing 1-14

contexts

See security contexts

conversion error, ICMP message 17-52

CPU usage 1-15

crash dump B-12

CRL

cache refresh time 34-10

enforce next update 34-10

CSC 30-15

CSC activation

configuring 30-10

CSC CPU

monitoring 48-4

CSC email

configuring 30-22

CSC file transfer

configuring 30-24

CSC File Transfer panel

fields 30-24

CSC IP address

configuring 30-11

CSC license

configuring 30-10

CSC management access

configuring 30-12

CSC memory

monitoring 48-5

CSC notifications

configuring 30-11

CSC password

configuring 30-13

CSC security events

monitoring 48-2

CSC Setup Wizard 30-15

activation codes configuratrion 30-15

Host configuratrion 30-17

IP configuratrion 30-16

management access configuratrion 30-17

password configuratrion 30-18

specifying traffic for CSC Scanning 30-19

summary 30-20

traffic selection for CSC Scan 30-18

CSC software updates

monitoring 48-4

CSC SSM

getting started 30-4

overview 30-2

support A-9

what to scan 30-6

CSC threats

monitoring 48-1

CSC updates

configuring 30-25

CSC Web

configuring 30-21

CTIQBE

application inspection, enabling 25-27

D

data flow

routed firewall 19-1

transparent firewall 19-11

debug messages B-12

default class 9-12

default configuration 3-1

default policy 24-2

default routes

defining equal cost routes 10-41

definition of 10-41

for tunneled traffic 10-41

default tunnel gateway 36-4

destination address, browse 36-17

destination port, browse 36-18

device ID, including in messages 18-6

Device Pass-Through 36-85

DHCP

configuring 12-4

interface IP address 8-8

monitoring

interface lease 42-2

IP addresses 42-2

server 42-2

statistics 42-3

services 12-1

statistics 42-3

DHCP relay

overview 12-1

DHCP Relay - Add/Edit DHCP Server dialog box 12-3

description 12-3

fields 12-3

restrictions 12-3

DHCP Relay panel 12-1

description 12-1

fields 12-2

prerequisites 12-2

restrictions 12-1

DHCP Server panel 12-4

description 12-4

fields 12-4

DHCP services 12-1

digital certificates 34-1

directory hierarchy search C-4

disabling content rewrite 39-13

DNS

application inspection, enabling 25-27

inspection

about 25-6

managing 25-6

rewrite, about 25-7

NAT effect on 23-13

DNS client 12-9

DNS HINFO request attack 28-15

DNS request for all records attack 28-15

DNS zone transfer attack 28-15

DNS zone transfer from high port attack 28-15

duplex

interface 8-13

duplex, configuring 6-2, 7-2

dynamic NAT

See NAT

E

Easy VPN

client

Xauth 36-84

Easy VPN, advanced properties 36-85

Easy VPN client 36-83

Easy VPN Remote 36-83

echo reply, ICMP message 17-52

ECMP 10-40

Edit DHCP Relay Agent Settings dialog box 12-3

description 12-3

fields 12-3

prerequisites 12-3

restrictions 12-3

Edit DHCP Server dialog box 12-6

description 12-6

fields 12-6

Edit OSPF Interface Authentication dialog box 10-11

description 10-11

fields 10-11

Edit OSPF Interface Properties dialog box 10-13

fields 10-13

Edit OSPF Process Advanced Properties dialog box 10-3

description 10-3

fields 10-3

Edit PIM Protocol dialog box 11-12

description 11-12

fields 11-12

e-mail proxy

and Clientless SSL VPN 38-7

Enable IPSec authenticated inbound sessions 36-80, 39-28

enrolling

certificate 34-3, 34-12

ESMTP

application inspection, enabling 25-27

established command, security level requirements 6-5, 7-9

Ethernet

Auto-MDI/MDIX 6-2, 7-2

duplex 6-2, 7-2

jumbo frame support

multiple mode 7-7

single mode 6-8

MTU 6-8, 7-10, 8-10

speed 6-2, 7-2

extended ACL 36-14

external filtering server 27-5

External Group Policy, add or edit 36-5

F

factory default configuration 3-1

failover

about virtual MAC addresses 13-21

criteria 13-20, 13-28

defining standby IP addresses 13-18, 13-19

defining virtual MAC addresses 13-22

enable 13-26

enabling Active/Standby 13-15

enabling LAN-based 13-15

enabling LAN-based failover 13-26

enabling Stateful Failover 13-16

graphs 47-4

in multiple context mode 13-26

interface

system 7-2

key 13-15, 13-26

make active 47-4

make standby 47-4

monitoring 47-1

monitoring interfaces 13-19

redundant interfaces 6-2, 7-4

reload standby 47-4

reset 47-4, 47-8

stateful 13-3

Stateful Failover 13-27

stateless 13-3

status 47-1

failover groups

about 13-29

adding 13-30

editing 13-30

monitoring 47-9

reset 47-10

fiber interfaces 6-2, 7-2

filtering

benefits of 27-5

rules 27-7

security level requirements 6-5, 7-8

servers supported 27-1

URLs 27-1

Filtering panel 10-8

benefits 10-8

description 10-8

fields 10-9

restrictions 10-8

firewall, client, configuring settings 36-28

firewall mode

configuring 3-4

overview 19-1

viewing 1-14

firewall server, Zone Labs 36-82

fragmentation policy, IPSec 35-2

fragmented ICMP traffic attack 28-14

FTP

application inspection

enabling 25-28

viewing 24-13, 25-60, 25-62, 25-69, 25-70, 25-77, 25-78, 25-87, 25-88, 25-94, 25-101, 25-104, 25-107, 25-111, 25-113, 25-114, 25-118

filtering option 27-9

FTP inspection

about 25-8

configuring 25-8

G

gateway, default tunnel gateway 36-4

gateways

MGCP application inspection 25-109

General Client Parameters tab 36-24

global addresses

recommendations 23-13

Group Policy window

add or edit, General tab 36-6, 36-10

introduction 36-4

IPSec tab, add or edit 36-21

GTP

application inspection

enabling 25-28

viewing 25-82

GTP inspection

configuring 25-10

H

H.323

transparent firewall guidelines 19-8

H.323 inspection

about 25-12

configuring 25-11

limitations 25-13

H225

application inspection, enabling 25-28

H323 RAS

application inspection, enabling 25-28

Hardware Client tab 36-30

Help button 1-10

HELP command, denied request 25-80

Help menu 1-7

history metrics 5-6

HSRP 19-8

HTTP

application inspection

enabling 25-28

viewing 25-93

filtering 27-1

benefits of 27-6

configuring 27-8

HTTP inspection

configuring 25-13

HTTPS

allowing network or host access to ASDM 17-15

authentication

redirect method 15-10

filtering option 27-9

I

ICMP

add group 36-20

application inspection, enabling 25-28

browse 36-19

rules for access to ADSM 17-5

testing connectivity B-1

ICMP Error

application inspection, enabling 25-28

ICMP Group 36-20

ICMP types

selecting 17-52

Identity Certificates 34-11

IGMP

access groups 11-2

configuring interface parameters 11-5

group membership 11-3

interface parameters 11-5

static group assignment 11-6

IGMP panel

IGMP

overview 11-2

IKE Policy panel, VPN wizard 33-4

IKE tunnels, amount 1-15

ILS

application inspection, enabling 25-28

ILS inspection 25-14

IM 25-20

information reply, ICMP message 17-52

information request, ICMP message 17-52

inspection engines

See application inspection

Instant Messaging inspection 25-20

interactive authentication 15-10

interface

duplex 8-13

failover link

system 7-2

IP address

DHCP 8-8

management only 8-8

MTU 6-8, 7-10, 8-10

name 8-8

security level 8-8

status 1-16

subinterface, adding 6-5, 7-6

throughput 1-16

Interface panel 10-10

interfaces

ASA 5505

MAC addresses 8-4

maximum VLANs 8-2

duplex 6-2, 7-2

enabled status 7-2

fiber 6-2, 7-2

jumbo frame support

multiple mode 7-7

single mode 6-8

monitoring 42-5

redundant 7-3

SFP 6-2, 7-2

speed 6-2, 7-2

subinterfaces

	Cisco ASDM User Guide, 6.1
	Index
Cisco ASDM User Guide, 6.1 Preface Getting Started Welcome to ASDM Introduction to the Security Appliance Defining Preferences and Using Configuration, Diagnostic, and File Management Tools Before You Start Device Setup and Management Using the Startup Wizard Configuring Basic Device Settings Configuring Interfaces Configuring Interfaces in Multiple Mode Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance Configuring Security Contexts Configuring Dynamic And Static Routing Configuring Multicast Routing DHCP, DNS and WCCP Services Configuring AAA Servers and the Local Database Configuring High Availability Managing Device Access Configuring Logging Configuring the Firewall Firewall Mode Overview Adding Global Objects Configuring Access Rules and EtherType Rules Configuring NAT Configuring Service Policy Rules Applying AAA for Network Access Configuring Application Layer Protocol Inspection Configuring QoS Configuring Filter Rules Configuring Advanced Firewall Protection Configuring IPS Configuring Trend Micro Content Security Configuring ARP Inspection and Bridging Parameters Configuring VPN Using the SSL VPN Wizard Using the VPNWizard Configuring Certificates Configuring IKE General VPN Setup Configuring Dynamic Access Policies Clientless SSL VPN End User Set-up Configuring Clientless SSL VPN Configuring the E-Mail Proxy Configuring SSL Settings Monitoring the Security Appliance Monitoring Interfaces Monitoring VPN Monitoring Routing Monitoring Properties Monitoring Logging Monitoring Failover Monitoring Trend Micro Content Security Reference Feature Licenses and Specifications Troubleshooting the Security Appliance Configuring an External Server for Authorization and Authentication Index	Download this chapter Index Download the complete book Full-Book PDF: Cisco ASDM User Guide, 6.1 (PDF - 13 MB) Table Of Contents Numerics - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - R - S - T - U - V - W - X - Z Index Numerics 4GE SSM connector types 6-2, 7-2 fiber 6-2, 7-2 SFP 6-2, 7-2 support A-9 802.1Q trunk 6-3, 7-5 A AAA about 14-1, 15-1, 16-1 auditing session traffic 15-49 authentication CLI access 15-4, 15-5 interactive 15-10 network access 15-6 authorization command 15-19 network access 14-10 server adding 15-34 supported types 14-13 web clients 15-11 AAA server group, add (group-policy) 36-6 ABR definition of 10-2 Access Control Server 35-24 Access Group panel 11-2 description 11-2 fields 11-2 accounting about 14-12 supported servers 14-12 Accounting tab, tunnel group 36-66 ACE add/edit/paste 36-15 Extended ACL tab 36-14 ACL enabling IPSEC authenticated inbound sessions to bypass ACLs 36-80, 39-28 extended 36-14 for Clientless SSL VPN 36-41 standard 36-14 ACL Manager Add/Edit/Paste ACE 36-15 dialog box 36-13 Active/Active failover about 13-2 command replication 13-2 configuration synchronization 13-2 Active/Standby failover 13-2 ActiveX object filtering, benefits of 27-6 Add/Edit Access Group dialog box 11-3 description 11-3 fields 11-3 Add/Edit Filtering Entry dialog box 10-9 description 10-9 fields 10-9 Add/Edit IGMP Join Group dialog box 11-4 description 11-4 fields 11-4 Add/Edit IGMP Static Group dialog box 11-7 description 11-7 fields 11-7 Add/Edit Multicast Group dialog box 11-18 description 11-18 fields 11-18 Add/Edit Multicast Route dialog box description 11-8 fields 11-8 Add/Edit OSPF Area dialog box 10-5 description 10-5 fields 10-6 Add/Edit OSPF Neighbor Entry dialog box 10-17 description 10-17 fields 10-18 Restrictions 10-17 Add/Edit Periodic Time Range dialog box 20-16 Add/Edit Redistribution dialog box 10-16 description 10-16 fields 10-16 Add/Edit Rendezvous Point dialog box 11-16 description 11-16 fields 11-17 restrictions 11-17 Add/Edit Route Summarization dialog box 10-8 about 10-8 fields 10-8 Add/Edit SSH Configuration dialog box 17-21 Add/Edit Summary Address dialog box description 10-19 fields 10-19 Add/Edit Time Range dialog box 20-15 Add/Edit Virtual Link dialog box 10-20 description 10-20 fields 10-20 address assignment, client 36-67 Address Pool panel, VPN wizard 33-11 address pools, tunnel group 36-67 Address Translation Exemption panel, VPN wizard 33-12 admin context overview 9-1 administrative access using ICMP for 17-5 Advanced DHCP Options dialog box 12-7 description 12-7 fields 12-7 Advanced OSPF Interface Properties dialog box 10-14 description 10-14 fields 10-14 Advanced OSPF Virtual Link Properties dialog box 10-21 description 10-21 fields 10-21 Advanced tab, tunnel group 36-67 AIP SSM about 29-1 configuration 29-4 sending traffic to 29-6 support A-9 alternate address, ICMP message 17-52 APN, GTP application inspection 25-86 APPE command, denied request 25-80 application access and e-mail proxy 38-7 and Web Access 38-7 configuring client applications 38-6 enabling cookies on browser 38-6 privileges 38-6 quitting properly 38-6 setting up on client 38-6 using e-mail 38-7 with IMAP client 38-7 application firewall 25-93 application inspection about 25-2 applying 25-4 configuring 25-4 described 25-58 enabling for different protocols 25-27 security level requirements 6-4, 7-8 Apply button 1-10 Area/Networks tab 10-5 description 10-5 fields 10-5 area border router 10-2 ARP inspection configuring 31-1 ARP spoofing 31-2 ARP table monitoring 42-1 static entry 31-3 ASA 5505 Base license 8-2 client Xauth 36-84 MAC addresses 8-4 maximum VLANs 8-2 power over Ethernet 8-4 Security Plus license 8-2 SPAN 8-4 ASBR definition of 10-2 ASDM version 1-14 attacks DNS HINFO request 28-15 DNS request for all records 28-15 DNS zone transfer 28-15 DNS zone transfer from high port 28-15 fragmented ICMP traffic 28-14 IP fragment 28-12 IP impossible packet 28-12 large ICMP traffic 28-14 ping of death 28-14 proxied RPC request 28-15 statd buffer overflow 28-16 TCP FIN only flags 28-15 TCP NULL flags 28-14 TCP SYN+FIN flags 28-14 UDP bomb 28-15 UDP chargen DoS 28-15 UDP snork 28-15 attributes LDAP C-5 policy C-2 RADIUS C-19 Attributes Pushed to Client panel, VPN wizard 33-12 attribute-value pairs TACACS+ C-26 auditing session traffic 15-49 authenticating a certificate 34-1 authentication about 14-1 CLI access 15-4, 15-5 network access 15-6 supported servers 14-4 web clients 15-11 Authentication tab 10-10 description 10-10 fields 10-10 Authentication tab, tunnel group 36-64 authorization about 14-7 command 15-19 network access 14-10 supported servers 14-8 Authorization tab, tunnel group 36-65 Auto-MDI/MDIX 6-2, 7-2 B backed up configurations restoring 2-26 backing up configurations 2-25 bandwidth 1-16 banner, view/configure 36-25 Basic tab IPSec LAN-to-LAN, General tab 36-71 basic threat detection See threat detection bridging MAC address table learning, disabling 31-6 overview 31-4 static entry 31-6 management IP address 5-1 Browse ICMP 36-19 Browse Other 36-20 Browse Source or Destination Address 36-17 Browse Source or Destination Port 36-18 Browse Time Range 36-11 building blocks 20-1 C CA certificate 34-1 CA Certificates 34-1 call agents MGCP application inspection 25-107, 25-108 Cancel button 1-10 capturing packets B-12 CDUP command, denied request 25-80 certificate CA 34-1 code-signer 34-17 Identity 34-11 Local CA 34-20 certificate authentication 34-1 certificate enrollment 34-3, 34-12 Cisco-AV-Pair LDAP attributes C-14 Cisco Client Parameters tab 36-25 Cisco IP Phones, application inspection 25-21 Cisco LDAP attributes C-5 classes See resource management Client Access Rule, add or edit 36-23 Client Address Assignment 36-67 Client Authentication panel, VPN wizard 33-9 Client Configuration tab 36-24 Client Firewall tab 36-28 Clientless SSL VPN client application requirements 38-2 client requirements 38-2 for file management 38-5 for network browsing 38-5 for web browsing 38-4 start-up 38-3 enable cookies for 38-6 end user set-up 38-1 printing and 38-3 remote requirements for port forwarding 38-6 for using applications 38-6 remote system configuration and end-user requirements 38-3 security tips 38-2 supported applications 38-2 supported browsers 38-3 supported types of Internet connections 38-3 URL 38-3 username and password required 38-3 usernames and passwords 38-1 use suggestions 38-1 client parameters, configuring 36-24 Client Update, edit , Windows and VPN 3002 clients 36-3 Client Update window, Windows and VPN 3002 clients 36-1 code-signer certificate 34-17 command authorization configuring 15-19 multiple contexts 14-9 configuration context files 9-2 factory default 3-1 configurations, backing up 2-25 Configure IGMP Parameters dialog box 11-5 description 11-5 fields 11-5 configuring CSC activation 30-10 CSC email 30-22 CSC file transfer 30-24 CSC IP address 30-11 CSC license 30-10 CSC management access 30-12 CSC notifications 30-11 CSC password 30-13 CSC Setup Wizard 30-15, 30-19 CSC Setup Wizard Activation Codes Configuration 30-15 CSC Setup Wizard Host Configuration 30-17 CSC Setup Wizard IP Configuration 30-16 CSC Setup Wizard Management Access Configuration 30-17 CSC Setup Wizard Password Configuration 30-18 CSC Setup Wizard Summary 30-20 CSC Setup Wizard Traffic Selection for CSC Scan 30-18 CSC updates 30-25 CSC Web 30-21 connections per second 1-16 context mode viewing 1-14 contexts See security contexts conversion error, ICMP message 17-52 CPU usage 1-15 crash dump B-12 CRL cache refresh time 34-10 enforce next update 34-10 CSC 30-15 CSC activation configuring 30-10 CSC CPU monitoring 48-4 CSC email configuring 30-22 CSC file transfer configuring 30-24 CSC File Transfer panel fields 30-24 CSC IP address configuring 30-11 CSC license configuring 30-10 CSC management access configuring 30-12 CSC memory monitoring 48-5 CSC notifications configuring 30-11 CSC password configuring 30-13 CSC security events monitoring 48-2 CSC Setup Wizard 30-15 activation codes configuratrion 30-15 Host configuratrion 30-17 IP configuratrion 30-16 management access configuratrion 30-17 password configuratrion 30-18 specifying traffic for CSC Scanning 30-19 summary 30-20 traffic selection for CSC Scan 30-18 CSC software updates monitoring 48-4 CSC SSM getting started 30-4 overview 30-2 support A-9 what to scan 30-6 CSC threats monitoring 48-1 CSC updates configuring 30-25 CSC Web configuring 30-21 CTIQBE application inspection, enabling 25-27 D data flow routed firewall 19-1 transparent firewall 19-11 debug messages B-12 default class 9-12 default configuration 3-1 default policy 24-2 default routes defining equal cost routes 10-41 definition of 10-41 for tunneled traffic 10-41 default tunnel gateway 36-4 destination address, browse 36-17 destination port, browse 36-18 device ID, including in messages 18-6 Device Pass-Through 36-85 DHCP configuring 12-4 interface IP address 8-8 monitoring interface lease 42-2 IP addresses 42-2 server 42-2 statistics 42-3 services 12-1 statistics 42-3 DHCP relay overview 12-1 DHCP Relay - Add/Edit DHCP Server dialog box 12-3 description 12-3 fields 12-3 restrictions 12-3 DHCP Relay panel 12-1 description 12-1 fields 12-2 prerequisites 12-2 restrictions 12-1 DHCP Server panel 12-4 description 12-4 fields 12-4 DHCP services 12-1 digital certificates 34-1 directory hierarchy search C-4 disabling content rewrite 39-13 DNS application inspection, enabling 25-27 inspection about 25-6 managing 25-6 rewrite, about 25-7 NAT effect on 23-13 DNS client 12-9 DNS HINFO request attack 28-15 DNS request for all records attack 28-15 DNS zone transfer attack 28-15 DNS zone transfer from high port attack 28-15 duplex interface 8-13 duplex, configuring 6-2, 7-2 dynamic NAT See NAT E Easy VPN client Xauth 36-84 Easy VPN, advanced properties 36-85 Easy VPN client 36-83 Easy VPN Remote 36-83 echo reply, ICMP message 17-52 ECMP 10-40 Edit DHCP Relay Agent Settings dialog box 12-3 description 12-3 fields 12-3 prerequisites 12-3 restrictions 12-3 Edit DHCP Server dialog box 12-6 description 12-6 fields 12-6 Edit OSPF Interface Authentication dialog box 10-11 description 10-11 fields 10-11 Edit OSPF Interface Properties dialog box 10-13 fields 10-13 Edit OSPF Process Advanced Properties dialog box 10-3 description 10-3 fields 10-3 Edit PIM Protocol dialog box 11-12 description 11-12 fields 11-12 e-mail proxy and Clientless SSL VPN 38-7 Enable IPSec authenticated inbound sessions 36-80, 39-28 enrolling certificate 34-3, 34-12 ESMTP application inspection, enabling 25-27 established command, security level requirements 6-5, 7-9 Ethernet Auto-MDI/MDIX 6-2, 7-2 duplex 6-2, 7-2 jumbo frame support multiple mode 7-7 single mode 6-8 MTU 6-8, 7-10, 8-10 speed 6-2, 7-2 extended ACL 36-14 external filtering server 27-5 External Group Policy, add or edit 36-5 F factory default configuration 3-1 failover about virtual MAC addresses 13-21 criteria 13-20, 13-28 defining standby IP addresses 13-18, 13-19 defining virtual MAC addresses 13-22 enable 13-26 enabling Active/Standby 13-15 enabling LAN-based 13-15 enabling LAN-based failover 13-26 enabling Stateful Failover 13-16 graphs 47-4 in multiple context mode 13-26 interface system 7-2 key 13-15, 13-26 make active 47-4 make standby 47-4 monitoring 47-1 monitoring interfaces 13-19 redundant interfaces 6-2, 7-4 reload standby 47-4 reset 47-4, 47-8 stateful 13-3 Stateful Failover 13-27 stateless 13-3 status 47-1 failover groups about 13-29 adding 13-30 editing 13-30 monitoring 47-9 reset 47-10 fiber interfaces 6-2, 7-2 filtering benefits of 27-5 rules 27-7 security level requirements 6-5, 7-8 servers supported 27-1 URLs 27-1 Filtering panel 10-8 benefits 10-8 description 10-8 fields 10-9 restrictions 10-8 firewall, client, configuring settings 36-28 firewall mode configuring 3-4 overview 19-1 viewing 1-14 firewall server, Zone Labs 36-82 fragmentation policy, IPSec 35-2 fragmented ICMP traffic attack 28-14 FTP application inspection enabling 25-28 viewing 24-13, 25-60, 25-62, 25-69, 25-70, 25-77, 25-78, 25-87, 25-88, 25-94, 25-101, 25-104, 25-107, 25-111, 25-113, 25-114, 25-118 filtering option 27-9 FTP inspection about 25-8 configuring 25-8 G gateway, default tunnel gateway 36-4 gateways MGCP application inspection 25-109 General Client Parameters tab 36-24 global addresses recommendations 23-13 Group Policy window add or edit, General tab 36-6, 36-10 introduction 36-4 IPSec tab, add or edit 36-21 GTP application inspection enabling 25-28 viewing 25-82 GTP inspection configuring 25-10 H H.323 transparent firewall guidelines 19-8 H.323 inspection about 25-12 configuring 25-11 limitations 25-13 H225 application inspection, enabling 25-28 H323 RAS application inspection, enabling 25-28 Hardware Client tab 36-30 Help button 1-10 HELP command, denied request 25-80 Help menu 1-7 history metrics 5-6 HSRP 19-8 HTTP application inspection enabling 25-28 viewing 25-93 filtering 27-1 benefits of 27-6 configuring 27-8 HTTP inspection configuring 25-13 HTTPS allowing network or host access to ASDM 17-15 authentication redirect method 15-10 filtering option 27-9 I ICMP add group 36-20 application inspection, enabling 25-28 browse 36-19 rules for access to ADSM 17-5 testing connectivity B-1 ICMP Error application inspection, enabling 25-28 ICMP Group 36-20 ICMP types selecting 17-52 Identity Certificates 34-11 IGMP access groups 11-2 configuring interface parameters 11-5 group membership 11-3 interface parameters 11-5 static group assignment 11-6 IGMP panel IGMP overview 11-2 IKE Policy panel, VPN wizard 33-4 IKE tunnels, amount 1-15 ILS application inspection, enabling 25-28 ILS inspection 25-14 IM 25-20 information reply, ICMP message 17-52 information request, ICMP message 17-52 inspection engines See application inspection Instant Messaging inspection 25-20 interactive authentication 15-10 interface duplex 8-13 failover link system 7-2 IP address DHCP 8-8 management only 8-8 MTU 6-8, 7-10, 8-10 name 8-8 security level 8-8 status 1-16 subinterface, adding 6-5, 7-6 throughput 1-16 Interface panel 10-10 interfaces ASA 5505 MAC addresses 8-4 maximum VLANs 8-2 duplex 6-2, 7-2 enabled status 7-2 fiber 6-2, 7-2 jumbo frame support multiple mode 7-7 single mode 6-8 monitoring 42-5 redundant 7-3 SFP 6-2, 7-2 speed 6-2, 7-2 subinterfaces