IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
1 post • Page 1 of 1
Hi, Im trying to get my ipad to VPN to our Cisco ASA5520. I believe I have all of the settings correct on both ends I am able to vpn to the asa using a cisco 871 as the remote client. I suspect that for some reason the vpn client on the ipad isn even getting to the asa. My question is: How can I monitor the ASA logs to see if the connection is even being attempted and possibly find the failure? Thanks M
try :-debug crypto isakmpdebug crypto ipsecsh vpn-sessiondb remote ( to see if client is connected ) I configured ipad for remote vpn client , the user was able to connect to the 5520 but for reason i had to use ip addresses to access but i couldnt use internal dns names. trying to figure that out as of right now. hope it helpsManish
What does your dynamic crypto map use for its transform set? I ran into a similar issue where ipsec clients hw/sw could connect, but not IPad. I had to configure the dynamic map to also use 3des/md5 to make it work. But as last person mentioned, debug for crypto isakmp and ipsec to make sure the device can reach the ASA.