Create New RA VPN Group Policies

A group policy is a set of user-oriented attribute/value pairs for remote access VPN connections. The connection profile uses a group policy that sets terms for user connections after the tunnel is established. Group policies let you apply whole sets of attributes to a user or a group of users, rather than having to specify each attribute individually for each user.

The system includes a default group policy named "DfltGrpPolicy". You can create additional group policies to provide the services you require.

Note	You cannot add inconsistent group policy objects to RA VPN configuration. Resolve all inconsistencies before adding the group policy to the RA VPN Configuration.

Procedure

Step 1	In the Cisco Defense Orchestrator navigation bar on the left, click Objects > FDM Objects.
Step 2	Click the blue plus button.
Step 3	Click RA VPN Objects (ASA & FTD) > RA VPN Group Policy.
Step 4	Enter a name for the group policy. The name can be up to 64 characters and spaces are allowed.
Step 5	In the Device Type drop-down, select FTD.
Step 6	Do any of the following: Click the required tabs and configure the attributes on the page: General Attributes AnyConnect Client Profiles Session Setting Attributes Address Assignment Attributes Split Tunneling Attributes AnyConnect Attributes Traffic Filters Attributes Windows Browser Proxy Attributes
Step 7	Click Save to create the group policy.