You are using ASDM to verify a clientless SSL VPN configuration made by a junior administrator on an ASA.
Please click exhibit to answer the following questions.
Which of the following tunneling protocols will the jane user account be able to use when establishing a
clientless SSL VPN connection by using the boson tunnel group? (Select the best answer.)
Exhibit:
A.
only clientless SSL VPN
B.
only SSL VPN client
C.
only IPSec
D.
only L2TP/IPSec
E.
both client and clientless SSL VPN
F.
both clientless SSL VPN and IPSec
Explanation:
The jane user account will be able to use only the clientless Secure Sockets Layer (SSL) virtual private network
(VPN) tunneling protocol when establishing a clientless SSL VPN connection by using the boson tunnel group.
You can specify the tunneling protocols that can be used to establish a connection to a tunnel group, which is
also known as a connection profile, either in a group policy or within a user account, depending on whether the
tunneling protocol configuration should be applied to a group or to a single user.
When you configure a tunneling protocol, you can specify one or more of the following four options: Clientless
SSL VPN, SSL VPN Client, IPSec, or L2TP/IPSec.
In this scenario, you can view the tunneling protocols that are configured for the jane user account by accessing
her user account information in Cisco Adaptive Security Device Manager (ASDM) by clicking Configuration,
clicking the Remote Access VPN button, expanding AAA/Local Users, clicking Local Users, and doubleclicking
the jane user account, which will open the Edit User Account dialog box. You should then click VPN Policy,
which will display a pane that includes a Tunneling Protocols entry. This entry for the jane user account is
configured with the Inherit option, which means that the tunneling protocols that the jane user account can use
will be inherited from a group policy that is associated with the jane user account. In this scenario, the jane user
account is associated with the boson_grp group policy.
To view the tunneling protocols that are associated with the boson_grp group policy in ASDM, you should click
Configuration, click the Remote Access VPN button, expand Clientless SSL VPN Access, select Group
Policies, and doubleclick boson_grp, which will open the Edit Internal Group Policy dialog box. The More
Options section on the General pane displays the Tunneling Protocols entry. Only the Clientless SSL
VPNoption is selected, as shown in the following exhibit:Cisco: General VPN Setup: Adding or Editing a Remote Access Internal Group Policy, General Attributes