Is the root CA certificate from the same CA that signed the ASA identity certificate or is that self-signed? Have you also installed the ASA Identity certificate into the AnyConnect certificate store on the iPhone (Diagnostics, Certificates).
You can only install a "valid" certificate - the CN (Common Name) in the certificate should match the FQDN (Fully Qualified Domain Name) in DNS.
Allow me to say something.Since an on-board event data recorder (EDR) was initially used by the NHTSA in 1991 to determine the information surrounding a vehicle crash, the automotive industry knew it was the wave of the future. Today, an automotive computer captures a fantastic deal of data regarding your driving habits within its crash recorder, and even save your life by notifying authorities in the event of a crash, through a service like OnStar. But for some, the EDR represents an unnerving invasion of privacy - and they'll be standard in all automobiles by 2013, claims the NHTSA. Resource for this article: Event data recorders: Saving lives and invading privacy
Thanks Marvin. Also thanks for your suggestions to solving the issue. I managed get certs working from Jabber for Windows. But on the Iphone I tried using NDES. This came up with network error. Even though I was connected across the VPN. Do I have to be on the LAN
The untrusted connection you originally mentioned would generally apply to the iPhone not trusting the ASA identity certificate. Is it self-signed or is it issued by the Microsoft NDES?
I'm guessing the latter as that is what you are trying to get the phone's iOS to trust - correct? I believe you should be able to do it "over the air" but you can also use the iPhone Configuration Utility for Windows. See this external article for tips on ding that.
Thanks Marvin, I had tried the Iphone config and followed the article you mentioned. it all looks good and I can get the install option on the iphone. but when I press install, it gives a network error. I have now tried from the wireless at the office and still gives the same error. I wonder, is their a way of creating the cert for the Iphone from another device and then emailling it across to the Iphone?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :