cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1768
Views
5
Helpful
2
Replies

Mobile 8.1 with AnyConnect on demand

MikeM-2468
Level 1
Level 1

I've got Cisco Mobile 8.1 working via cerftificate based VPN with AnyConnect on iPhone and iPod touch.  Currently, I need to initiate the VPN connection manually.  I have the VPN on demand function configured and working but so far it only works with Safari.  Using Safari if I open a url in the domains list, the VPN connects and the page opens without any problem.  Looking at the AnyConnect logs, when Mobile 8.1 opens, the VPN is never initiated, or even attempted to be initiated.  Mobile 8.1 is configured to connect to the tftp by full host name (tftp.internaldomain.com) and it works when the VPN is started manually.  The domain is in the domains list for the on demand VPN.  I've also tried setting the On-Demand VPN URL in Call Manager but that didn't do anything.  Has anyone gotten Mobile 8.1 to work with the on demand VPN?

2 Replies 2

MikeM-2468
Level 1
Level 1

I got this working.  There are a few things that need to work properly for this to work.  First, AnyConnect must work with certificate based authentication and it needs to be set to connect on demand.  It needs to work without any interaction from the user.  As a test, you need to be able to open AnyConnect, click ON and have it connect without any prompts.  Second, you must add a domain to the Always Connect list in AnyConnect.  It doesn't need to be a real domain, it can be anything (for example ciscotest123.yyy).  Next, on the device configuration in Call Manager, set the On-Demand VPN URL to a host in the domain that you specified in the Always Connect list (for example phonevpn.ciscotest123.yyy).  Manually connect the VPN and open Mobile 8.1 to get the new configuration downloaded.  Close 8.1 and disconnect the VPN.  Open 8.1 again and the VPN should connect.

This is what worked for me.

This response saved me lot of headache today ..ThanXs a lot !!