Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: woodgie
woodgie Author
User level: Level 1
10 points

CiscoVPN setup in Profile Manager

Evening, all.


I'm at a bit of a loss here as I've looked and read but either it can't be done or my Google-Fu is weak.


My Firewall isn't a Cisco box but it works brilliantly with the built in CiscoVPN in Mac OS X, the one thing it DOES do, however, is pass ALL traffic over the VPN while the VPN is active. This necessitates the addition of DNS/Search Domain info into the VPN setup, an easy enough feat.


I am trying to use Profile Manager to push out CiscoVPN details to my OD users with laptops. It's far easier to manage and I can do it without having to interrupt the user - except for one thing; I can't see where in Profile Manager to set DNS/Search Domain info.


This is best shown with screenshots, so here goes.


1. Profile Manager's CiscoVPN setup

User uploaded file

2. System Preferences' CiscoVPN setup (Basic)

User uploaded file

3. System Preferences' CiscoVPN setup (advanced)

User uploaded file


This last bit is evading me in Profile Manager. I've looked in Profile Manager's Network setup, but that's only got Wi-Fi and 802.1X settings.


Is it even possible to do the advanced part of the CiscoVPN setup from Profile Manager? Maybe with a Custom Setting?


~W

iMac, OS X Yosemite (10.10.2)

Posted on Mar 5, 2015 10:19 AM

Reply
4 replies
User profile for user: John Lockwood
John Lockwood
User level: Level 6
13,679 points

Mar 6, 2015 5:46 AM in response to woodgie

I also use the built-in Cisco IPSec VPN client and have also used an MDM solution to push the settings to client devices.


The way the DNS settings work for me is that they are automatically pushed by the vpn server to the client device. They do not need to be manually set on the client, nor do they need to be set in Profile Manager or similar MDM.


As a comparison, Apple's own (feeble) VPN server also automatically sends DNS settings to the client device.


In my own case I use StrongSwan5 - see http://jelockwood.blogspot.co.uk/2014/03/how-to-do-vpn-on-demand-for-ios-at-zero .html


The fact that the VPN server is successfully sending the DNS settings is proven by the fact that resolving internal only hostnames works when the VPN is connected and does not when not connected.

Reply
User profile for user: woodgie
woodgie Author
User level: Level 1
10 points

Mar 6, 2015 6:59 AM in response to John Lockwood

I would expect it is a Linux OS on the box but no, it doesn't expose its internals. It is a big brand name box though so I'm pestering their support again (though I doubt I'll have any more luck than last time). Their answer is likely to be "Use our software". Unfortunately that's not the seamless user experience they may believe it is.


I'm just surprised that Profile Manager doesn't replicate the client options fully, I'm wondering if I can add it as a "Custom Setting" Preference.

Reply

CiscoVPN setup in Profile Manager

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up