cisco Anyconnect Secure Client

Hello everyone,


Recently my boss has a request to setup the iPad device (or iPhone) which can form the secure tunnel for the internal applications. I have tested properly if the iPad is connected to the internal wifi. It means the iPad device, network, applications are all configured properly.

But there is a security issue that the iPad device must be with VPN connection. It also means that we must not use this "testing wifi" for the future deployment.


Background: the office is with proper setup of the Cisco ASA environment, all the employees or vendors can VPN with using the Cisco Anyconnect client to access the internal services. But every device should be installed with certain certificates (which created or issued by the internal CA).


Then now comes with the problem when dealing with the iPad. We couldn't deploy the certificates into the iPad. We tried using email method to install the cert, but it doesn't force the VPN formed. (later we saw some posts talking about the new iOS cannot support this method).

We also tried to use URL to let the Cisco VPN client to Import from the URL. Unfortunately it doesn't work. We are not sure what kind of URL it is. But we put my .p12 cert into OneDrive or other cloud drive, then let it runs. But it keeps on saying "Import PKCS12 failed with error: Certificate Enrollment - Certificate import has failed."

We checked that there is another method that when I can download the .P12 file into the iPad, then open the Files folder, locate the cert, click and it can be Share to the Cisco Anyconnect app. Then it prompts for the password. We assumed that is the password when we export this .P12 cert. So we use the password to "decrypt" but again, not success.


I wonder if anyone got similar experience as what we have.


We have been using the Cisco ASA with VPN for a long time. But checked back that we don't have anyone using Apple or Android devices to form the VPN ever.


My current Cisco Secure Client is version 5.0.01255



Thank you.

Timothy

iPad Pro (5th generation)

Posted on Mar 27, 2023 8:46 PM

Reply

Similar questions

6 replies

Mar 28, 2023 3:01 PM in response to timothy_lau_mts

Sorting the MDM is going to be part of this, as you will almost certainly be using a profile.


And if you're not getting what you need from Cisco Support, the iPad built-in VPN client interoperates with a whole lot of VPN servers, and the MDM server (if gotten working) can push a profile for that VPN client.


If the built-in VPN client doesn't meet your needs, then the OpenVPN client in the app store will probably suffice.


If this is a one-or-two scale operation, then Apple Configurator 2 app might interest, pending resolving or replacing that MDM server.

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

cisco Anyconnect Secure Client

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.