iOS Devices
You can enable that iOS device users are offered automatic Cisco IPsec
Internet Protocol Security configuration in the User Portal.
However, only users that have been added to the Users and groups box on the Global tab will find configuration files on their User Portal site. The iOS device status is enabled by default.
Connection name: Enter a descriptive name for the Internet Protocol Security Internet Protocol Security
Note – Connection name must be unique among all iOS device connection settings (PPTP Point to Point Tunneling Protocol, L2TP Layer Two (2) Tunneling Protocol over IPsec, Cisco VPN Virtual Private Network Client).
Override hostname: In case the system hostname cannot be publicly resolved by the client, you can enter a server hostname here that overrides the internal preference of the DynDNS Hostname before the System DNS Hostname.
Establish VPN connection on demand: Select this option to automatically initiate a VPN connection whenever the location matches one of the hostnames or domains listed in the box.
- Match domain or host: Enter the domains or hostnames for which you want to establish VPN connections on demand. This could be your local intranet, for example.
- Establish only when DNS lookup fails: By default, the VPN connection is only established after a DNS lookup has failed. If unselected, the VPN connection is established regardless of whether the hostname can be resolved or not.
Note that connecting iOS devices get presented the server certificate specified on the Global tab. The iOS device checks whether the VPN ID Identity of this certificate corresponds to the server hostname and refuses to connect if they differ. If the server certificate uses Distinguished Name as VPN ID Type it compares the server hostname with the Common Name field instead. You need to make sure the server certificate fulfills these constraints.
To disable automatic iOS device configuration, click the toggle switch.
The toggle switch turns gray.
Related Topics