ipad VPN to Cisco ASA 5520

IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
Guest

ipad VPN to Cisco ASA 5520

Post by Guest » Thu Jul 22, 2010 3:16 pm

Hi, Im trying to get my ipad to VPN to our Cisco ASA5520. I believe I have all of the settings correct on both ends I am able to vpn to the asa using a cisco 871 as the remote client. I suspect that for some reason the vpn client on the ipad isn even getting to the asa. My question is: How can I monitor the ASA logs to see if the connection is even being attempted and possibly find the failure? Thanks M

Guest

Re:ipad VPN to Cisco ASA 5520

Post by Guest » Thu Jul 22, 2010 4:08 pm

try :-debug crypto isakmpdebug crypto ipsecsh vpn-sessiondb remote  ( to see if client is connected ) I configured ipad for remote vpn client , the user was able to connect to the 5520 but for reason i had to use ip addresses to access but i couldnt use internal dns names. trying to figure that out as of right now. hope it helpsManish

Guest

Re:ipad VPN to Cisco ASA 5520

Post by Guest » Thu Jul 22, 2010 5:36 pm

What does your dynamic crypto map use for its transform set?  I ran into a similar issue where ipsec clients hw/sw could connect, but not IPad.  I had to configure the dynamic map to also use 3des/md5 to make it work. But as last person mentioned, debug for crypto isakmp and ipsec to make sure the device can reach the ASA.

Guest

Re:ipad VPN to Cisco ASA 5520

Post by Guest » Thu Jul 22, 2010 5:41 pm

Hi,Finally got it to work. Thanks for the tip on how to watch debug stuf for ipsec. I saw that the problem was no address pool was assigned to the tunnel group. This leads to a new question but Ill post another thread. Tanks again! M

Post Reply