Configuring advanced anyconnect features, Enabling rekey – Cisco ASA 5505 User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 75 Configuring AnyConnect VPN Client Connections

Configuring AnyConnect Connections

Be sure to save the file.

Step 3

Import the translation table using the import webvpn translation-table command from privileged
EXEC mode. Be sure to specify the name of the new translation table with the abbreviation for the
language that is compatible with the browser.

In the following example, the XML file is imported as es-us, the abbreviation used by Microsoft Internet
Explorer for Spanish spoken in the United States.

hostname# import webvpn translation-table AnyConnect language es-us tftp://209.165.200.225/client
hostname# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
hostname# show import webvpn translation-table
Translation Tables' Templates:
AnyConnect
PortForwarder
csd
customization
keepout
url-list
webvpn
Citrix-plugin
RPC-plugin
Telnet-SSH-plugin
VNC-plugin
Translation Tables:
es-us AnyConnect

Configuring Advanced AnyConnect Features

This section describes advanced features that fine-tune AnyConnect SSL VPN connections. It includes
the following topics:

Enabling Rekey

Enabling and Adjusting Dead Peer Detection

Enabling Keepalive

Using Compression

Adjusting MTU Size

Configuring Session Timeouts

Enabling Rekey

When the ASA and the AnyConnect client perform a rekey on an SSL VPN connection, they
renegotiate the crypto keys and initialization vectors, increasing the security of the connection.

To enable the client to perform a rekey on an SSL VPN connection for a specific group or user, use the
anyconnect ssl rekey command from group-policy or username webvpn modes.

[no] anyconnect ssl rekey {method {new-tunnel | none | ssl} | time minutes}

method new-tunnel specifies that the client establishes a new tunnel during rekey.

method ssl specifies that the client establishes a new tunnel during rekey.

method none disables rekey.
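The following added example (not part of the Cisco guide) is a small Python audit that reads a saved running-config and reports which anyconnect ssl rekey method and time are set under each group-policy or username webvpn mode. The sample configuration is constructed, and the one-space and two-space indentation of the sub-modes is an assumption about how the configuration was exported.

```python
import re

# Constructed sample of an ASA running-config (not taken from the guide).
SAMPLE_CONFIG = """\
group-policy sales attributes
 vpn-tunnel-protocol ssl-client
 webvpn
  anyconnect ssl rekey time 30
  anyconnect ssl rekey method new-tunnel
group-policy contractors attributes
 webvpn
  anyconnect ssl rekey method none
group-policy lab attributes
 webvpn
  anyconnect ssl dtls enable
username anyuser attributes
 webvpn
  anyconnect ssl rekey method ssl
"""

SCOPE = re.compile(r"^(group-policy|username) (\S+) attributes$")
REKEY = re.compile(r"^anyconnect ssl rekey (method|time) (\S+)$")


def audit_rekey(config):
    """Map each group-policy/username scope to its rekey method, time and status."""
    results, current, in_webvpn = {}, None, False
    for raw in config.splitlines():
        line, indent = raw.strip(), len(raw) - len(raw.lstrip(" "))
        if indent == 0:                       # top-level command: new scope or none
            m = SCOPE.match(line)
            current = f"{m.group(1)} {m.group(2)}" if m else None
            in_webvpn = False
            if current:
                results[current] = {"method": None, "time": None}
        elif indent == 1:                     # sub-mode directly under the scope
            in_webvpn = line == "webvpn"
        elif current and in_webvpn and (m := REKEY.match(line)):
            results[current][m.group(1)] = m.group(2)
    for e in results.values():                # "not set" = no rekey method in this scope
        e["status"] = {"none": "disabled", None: "not set"}.get(e["method"], "enabled")
    return results


if __name__ == "__main__":
    for scope, entry in audit_rekey(SAMPLE_CONFIG).items():
        print(f"{scope}: rekey {entry['status']} {entry}")
```

A status of "not set" only means the scope carries no rekey method of its own; the script does not resolve values inherited from another policy.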
