Solved

VPN Iphone to Cisco ASA

Posted on 2009-06-29
1
1,411 Views
Last Modified: 2012-05-07
ASA Version 8.0(4)

Can someone please explain how to setup a VPN tunnel from an Iphone to Cisco ASA?
0
Comment
Question by:dufff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 33

Accepted Solution

by:
MikeKane earned 500 total points
ID: 24737438
ASA does support that....  


Ono the Iphone side:

"IKE phase 13DES encryption with SHA1 hash method.
"IPSec phase 23DES or AES encryption with MD5 or SHA hash method.
"PPP AuthenticationPAP, MS-CHAPv1, or MSCHAPv2 (preferred).
"Pre-shared key (only for iPhone).


On the asa side, you would need to add something like the following example:

tunnel-group DefaultRAGroup general-attributes
address-pool pool
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *
tunnel-group DefaultRAGroup ppp-attributes
no authentication pap
authentication chap
authentication ms-chap-v1
authentication ms-chap-v2
crypto ipsec transform-set trans esp-3des esp-sha-hmac
crypto ipsec transform-set trans mode transport
crypto dynamic-map dyno 10 set transform-set set trans
crypto map vpn 20 ipsec-isakmp dynamic dyno
crypto map vpn interface outside
crypto isakmp identity auto
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400  
crypto isakmp nat-traversal 3600

Reference: http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/l2tp_ips.html#wp1046219

Good luck.  
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question