Solved

AnyConnect and iPhone

Posted on 2013-01-10
8
477 Views
Last Modified: 2013-01-14
i am trying to get my iPhone to connect using the Cisco AnyConnect. I have installed the correct certificate (i believe) but still receiving an error that it requires a client certificate.
I tested the installed certificate by navigating to my vpn connection via safari and it allowed me in. Any ideas what might be the issue?

Thanks

Using iPhone 5 (6.02ios)
0
Comment
Question by:progjm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
8 Comments
 
LVL 1

Author Comment

by:progjm
ID: 38767239
thank you!
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38767333
If it is asking for a client certificate, I would presume that the configuration on the ASA  requires a client certificate.

A copy of the ASA config would be useful
0
 
LVL 1

Author Comment

by:progjm
ID: 38767472
Here you go
5510-test.txt
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 37

Expert Comment

by:ArneLovius
ID: 38767710
From your config

tunnel-group Company-SSL-VPN webvpn-attributes
 authentication aaa certificate

Open in new window


By having the word "certificate", you are requiring client certificates, to remove the requirement, I woudl try the following in a console session

tunnel-group Company-SSL-VPN webvpn-attributes
 no authentication aaa certificate
 authentication aaa 

Open in new window


Then exit and save the config
0
 
LVL 1

Author Comment

by:progjm
ID: 38767747
Will this conflict with the current users and their SSL certs on laptops?
0
 
LVL 37

Accepted Solution

by:
ArneLovius earned 500 total points
ID: 38768888
It will remove the requirement for client certificates.

Alternatively, use client certificates on the iPhones. Lokking at your config, you are running a CA on your ASA, the iPhones can enrol directly from the ASA in a similar method to laptop clients.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question