Cisco 3110 시작하기 - 페이지 5

{카테고리_이름} Cisco 3110에 대한 시작하기을 온라인으로 검색하거나 PDF를 다운로드하세요. Cisco 3110 42 페이지.
Cisco 3110에 대해서도 마찬가지입니다: 매뉴얼 (42 페이지)

Cisco 3110 시작하기
Getting Started
Feature
Password management for remote
access VPN (MSCHAPv2).
AnyConnect VPN SAML External
Browser
Administrative and Troubleshooting Features
Dynamic Domain Name System
(DDNS) support for updating
fully-qualified domain name
(FQDN) to IP address mappings for
system interfaces.
The dig command replaces the
nslookup command in the device
CLI.
Description
You can enable password management for remote access VPN. This
allows AnyConnect to prompt the user to change an expired password.
Without password management, users must change expired passwords
directly with the AAA server, and AnyConnect does not prompt the user
to change passwords. For LDAP servers, you can also set a warning
period to notify users of upcoming password expiration.
We added the Enable Password Management option to the authentication
settings for remote access VPN connection profiles.
When you use SAML as the primary authentication method for a remote
access VPN connection profile, you can elect to have the AnyConnect
client use the client's local browser instead of the AnyConnect embedded
browser to perform the web authentication. This option enables single
sign-on (SSO) between your VPN authentication and other corporate
logins. Also choose this option if you want to support web authentication
methods, such as biometric authentication, that cannot be performed in
the embedded browser.
We updated the remote access VPN connection profile wizard to allow
you to configure the SAML Login Experience.
You can configure DDNS for the interfaces on the system to send
dynamic updates to DNS servers. This helps ensure that FQDNs defined
for the interfaces resolve to the correct address, making it easier for
users to access the system using a hostname rather than an IP address.
This is especially useful for interfaces that get their addresses using
DHCP, but it is also useful for statically-addressed interfaces.
After upgrade, if you had used FlexConfig to configure DDNS, you
must redo your configuration using FDM or the Firepower Threat
Defense API, and remove the DDNS FlexConfig object from the
FlexConfig policy, before you can deploy changes again.
If you configure DDNS using FDM, then switch to FMC management,
the DDNS configuration is retained so that FMC can find the system
using the DNS name.
In FDM, we added the System Settings > DDNS Service page. In the
Firepower Threat Defense API, we added the DDNSService and
DDNSInterfaceSettings resources.
To look up the IP address of a fully-qualified domain name (FQDN) in
the device CLI, use the dig command. The nslookup command has been
removed.
New Features in FDM/FTD Version 7.1.0
Getting Started
5