Solved

VPN Iphone to Cisco ASA

Posted on 2009-06-29
1
1,404 Views
Last Modified: 2012-05-07
ASA Version 8.0(4)

Can someone please explain how to setup a VPN tunnel from an Iphone to Cisco ASA?
0
Comment
Question by:dufff
1 Comment
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 24737438
ASA does support that....  


Ono the Iphone side:

"IKE phase 13DES encryption with SHA1 hash method.
"IPSec phase 23DES or AES encryption with MD5 or SHA hash method.
"PPP AuthenticationPAP, MS-CHAPv1, or MSCHAPv2 (preferred).
"Pre-shared key (only for iPhone).


On the asa side, you would need to add something like the following example:

tunnel-group DefaultRAGroup general-attributes
address-pool pool
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *
tunnel-group DefaultRAGroup ppp-attributes
no authentication pap
authentication chap
authentication ms-chap-v1
authentication ms-chap-v2
crypto ipsec transform-set trans esp-3des esp-sha-hmac
crypto ipsec transform-set trans mode transport
crypto dynamic-map dyno 10 set transform-set set trans
crypto map vpn 20 ipsec-isakmp dynamic dyno
crypto map vpn interface outside
crypto isakmp identity auto
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400  
crypto isakmp nat-traversal 3600

Reference: http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/l2tp_ips.html#wp1046219

Good luck.  
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question