Cisco Jabber on-demand VPN connection over WiFi or GSM

Answered Question
Mar 1st, 2012
User Badges:


A prospect client asked if it was possible with the Cisco Jabber for Android/iPhone/Nokia client, to establish seamlessly VPN or secure connect on demand connection through WiFi or mobile network when a user makes a decision to place the call through the Jabber application?

The idea is, because the Jabber mobile client would be used by executive users, they won't bother making sure if the jabber client is running, connected...

The mobile phone should be pre-configured for specific Wi-Fi and mobile networks, and the client should be idling in the background waiting for the user to select a IP phone call, and when this happens, it should automatically connect to the predefined network which is available in the moment (preferably WiFi first and 3G), and after the call ends, it should get back in to idling mode and disconnect the connection!

From what I have read and understand til now, the Jabber has the following capability:

Q. How does Cisco Jabber for Android connect to my corporate network when I’m on or off site?

A. While you’re on site, Cisco Jabber for Android connects to your corporate Wi-Fi network directly.

     While you’re off site, Cisco Jabber for Android can use secure connect to automatically connect to your corporate network using any other Wi-Fi or      mobile data network.

Requirements for VPN On Demand

-    In order for Cisco Jabber to launch VPN automatically when needed, the iPhone must be set up for certificate-based IPsec authentication for VPN      on-demand access. The iPhone must be able to access the corporate network, servers, and telephony endpoints using VPN.

But this doesn't explain mine question and the whole process....

Thank you very much for any input.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.7 (3 ratings)
stevenholzem Fri, 04/20/2012 - 07:18
User Badges:


Working on the same thing. First thing is the certificates. You need to create your own and load them on the ASA in your test network. Follow the steps in the VPN wizard. (When making the server and client certs - make sure the public IP address of the ASA is included in the extra info or it will NOT work). Download the configuration manager from apple. Set up a profile and include the certs in it. When including the certs, make them exportable to avoid future problems. Email the profile to an account that the iphone has access to. Open the email with the iphone and click on the link/icon. It will install.

After that is done, have fun testing.



Tiberie Kirijas Mon, 04/23/2012 - 04:25
User Badges:

Hi Steven,

Thank you very much for your answer and brief how-to!

So, from what I understand, you achieved the behavior that I'm looking for, right?

Does the Jabber mobile client, disconnects the VPN connection after some time, if predefined to do so?



stevenholzem Mon, 04/23/2012 - 04:36
User Badges:


I have the iPhone connecting over VPN to our ASA 5510. The problem is, like you asked, when the iPhone goes into standby - the connection drops. This is becuase somehting in the IOS from Apple turns the transmitter off when in standby. The only way it does not get shut off is if the phone is charging(plugged in). How useful is a VPN when plugged in? Thought this was crazy when I saw it on the Apple forums, so I had to test it. It is true.

I hope your test works out.


please rate helpful posts


This Discussion