?
Solved

VPN Iphone to Cisco ASA

Posted on 2009-06-29
1
Medium Priority
?
1,420 Views
Last Modified: 2012-05-07
ASA Version 8.0(4)

Can someone please explain how to setup a VPN tunnel from an Iphone to Cisco ASA?
0
Comment
Question by:dufff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 33

Accepted Solution

by:
MikeKane earned 2000 total points
ID: 24737438
ASA does support that....  


Ono the Iphone side:

"IKE phase 13DES encryption with SHA1 hash method.
"IPSec phase 23DES or AES encryption with MD5 or SHA hash method.
"PPP AuthenticationPAP, MS-CHAPv1, or MSCHAPv2 (preferred).
"Pre-shared key (only for iPhone).


On the asa side, you would need to add something like the following example:

tunnel-group DefaultRAGroup general-attributes
address-pool pool
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *
tunnel-group DefaultRAGroup ppp-attributes
no authentication pap
authentication chap
authentication ms-chap-v1
authentication ms-chap-v2
crypto ipsec transform-set trans esp-3des esp-sha-hmac
crypto ipsec transform-set trans mode transport
crypto dynamic-map dyno 10 set transform-set set trans
crypto map vpn 20 ipsec-isakmp dynamic dyno
crypto map vpn interface outside
crypto isakmp identity auto
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400  
crypto isakmp nat-traversal 3600

Reference: http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/l2tp_ips.html#wp1046219

Good luck.  
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question