As some of you may know, Cisco VPN support was added to the iPhone as of Firmware 2.0.
I have tested the functionality and can report that not only does it work, but it is very easy to set up.
I tested the functionality last night by connecting into both of our Hosting site VPNs. It literally is as simple as configuring Cisco’s own VPN client.
Once configured you get a VPN section in the “settings” menu of the phone.
Multiple VPNs are possible too which was a concern when I first set out to configure it.
Anyway, I would post a config guide but it is very basic to set up. If you run into any issues leave a comment and we will see what can be done!
Cheers,
Entries (RSS)
July 21st, 2008 at 6:31 pm
I set this up, too, and I admit that I was really surprised at how easy it was! For kicks I set up my ASA to hairpin traffic from the iPhone out to the Internet for secured web browsing when I’m on an open hotspot.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml
July 22nd, 2008 at 7:48 am
It’s very easy to set up VPN and connect.
The problem I’m experiencing is that the iPhone 2.0 VPN client doesn’t apply the new DNS settings from the VPN concentrator (ASA 5520). Everything is reachable by IP address though. A few threads around the Internet are covering this, but no real answers so far.
July 24th, 2008 at 10:39 pm
DNS seems to be working for me. Connecting into a 3005 Concentrator. Make sure that Split DNS is set up correctly if you are using split tunneling. This will define wether DNS requests get tunneled or not for your Corporate domains.
Cheers,
July 25th, 2008 at 7:04 am
Some people suggest that split DNS with split tunneling is the problem.
Even if I turn off split tunneling, the DNS settings are not applied.
I can’t find any references to split DNS in the ASA interface…
July 26th, 2008 at 9:23 pm
Hi Havard,
If full tunnel isnt working I would check what DNS server you are assigning to remote access users. I would also try connecting with the windows client and ensure that name resolution works for that.
The Split DNS settings are in “Group Policy” section of the VPN pane. Once there you need to be in the client tab. You should then see a section for “Split Tunnel DNS names” which has to be filled in using your corporate domain names.
Let us know how you get on.
Cheers,
August 29th, 2008 at 8:07 am
I have not been able to connect to my pix 501 firewall with my iphone
we dont use a user name or password to set up the cisco vpn on my mac and it works great but not having this is not letting the iphone connect i think
any help ??
thanks
September 9th, 2008 at 7:52 pm
Hi Mark,
Not sure really, we dont configure Remote Access VPN without the username and password. There certainly doesnt look to be an option to configure it without on the iPhone in any case.