iOS Devices

You can enable that iOS device users are offered automatic Cisco IPsecClosed Internet Protocol Security configuration in the User Portal.

However, only users that have been added to the Users and groups box on the Global tab will find configuration files on their User Portal site. The iOS device status is enabled by default.

Connection name: Enter a descriptive name for the Cisco IPsecClosed Internet Protocol Security connection so that iOS device users may identify the connection they are going to establish. The default name is your company name followed by the protocol Cisco IPsecClosed Internet Protocol Security.

Note – Connection name must be unique among all iOS device connection settings (PPTPClosed Point to Point Tunneling Protocol, L2TPClosed Layer Two (2) Tunneling Protocol over IPsec, Cisco VPNClosed Virtual Private Network Client).

Override hostname: In case the system hostname cannot be publicly resolved by the client, you can enter a server hostname here that overrides the internal preference of the DynDNS Hostname before the System DNS Hostname.

Establish VPN connection on demand: Select this option to automatically initiate a VPN connection whenever the location matches one of the hostnames or domains listed in the box.

  • Match domain or host: Enter the domains or hostnames for which you want to establish VPN connections on demand. This could be your local intranet, for example.
  • Establish only when DNS lookup fails: By default, the VPN connection is only established after a DNS lookup has failed. If unselected, the VPN connection is established regardless of whether the hostname can be resolved or not.

Note that connecting iOS devices get presented the server certificate specified on the Global tab. The iOS device checks whether the VPN IDClosed Identity of this certificate corresponds to the server hostname and refuses to connect if they differ. If the server certificate uses Distinguished Name as VPN ID Type it compares the server hostname with the Common Name field instead. You need to make sure the server certificate fulfills these constraints.

To disable automatic iOS device configuration, click the toggle switch.

The toggle switch turns gray.