cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
348
Views
0
Helpful
7
Replies

anyconnect and Iphone

pcromwell
Level 3
Level 3

trying to get anyconnect working on Iphone. I want to use certs for authentication. everytime I try to connect I get untrusted connection error.

I have installed the CA cert on the Iphone and the ASA and I have installed an Identity cert on the ASA

Do I need to have an Identity cert on the Iphone? It may be a basic question but none of the docs make it very clear

7 Replies 7

Marvin Rhoads
Hall of Fame
Hall of Fame

Is the root CA certificate from the same CA that signed the ASA identity certificate or is that self-signed? Have you also installed the ASA Identity certificate into the AnyConnect certificate store on the iPhone (Diagnostics, Certificates).

You can only install a "valid" certificate - the CN (Common Name) in the certificate should match the FQDN (Fully Qualified Domain Name) in DNS.

artofwaiting
Level 1
Level 1


Allow me to say something.Since an on-board event data recorder (EDR) was initially used by the NHTSA in 1991 to determine the information surrounding a vehicle crash, the automotive industry knew it was the wave of the future. Today, an automotive computer captures a fantastic deal of data regarding your driving habits within its crash recorder, and even save your life by notifying authorities in the event of a crash, through a service like OnStar. But for some, the EDR represents an unnerving invasion of privacy - and they'll be standard in all automobiles by 2013, claims the NHTSA. Resource for this article: Event data recorders: Saving lives and invading privacy

and that is relevant to my question how?

It's a spam posting - they rarely show up here but every now and then you see it.

Please click the "Report" link to notify the admins. I have already myself; but multiple reports will get it removed more quickly.

Thanks Marvin. Also thanks for your suggestions to solving the issue. I managed get certs working from Jabber for Windows. But on the Iphone I tried using NDES. This came up with network error. Even though I was connected across the VPN.  Do I have to be on the LAN

to get it to install?

The untrusted connection you originally mentioned would generally apply to the iPhone not trusting the ASA identity certificate. Is it self-signed or is it issued by the Microsoft NDES?

I'm guessing the latter as that is what you are trying to get the phone's iOS to trust - correct? I believe you should be able to do it "over the air" but you can also use the iPhone Configuration Utility for Windows. See this external article for tips on ding that.

Thanks Marvin, I had tried the Iphone config and followed the article you mentioned. it all looks good and I can get the install option on the iphone. but when I press install, it gives a network error. I have now tried from the wireless at the office and still gives the same error. I wonder, is their a way of creating the cert for the Iphone from another device and then emailling it across to the Iphone?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: