Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3028
Views
0
Helpful
3
Replies

iPhone AnyConnect & Network Roaming

norbert.zehetner
Level 1
Level 1

‎02-21-2011 12:20 AM - edited ‎02-21-2020 05:11 PM

Hi there!

I have configured some iPads and iPhones to Connect to an ASA via AnyConnect (ASA 8.4(1), iOS 4.2.1, AnyConnect 2.4.4009).

I have configured the devices with the "iPhone Configuration Utility" (iPCU 3.2.0.267).

My question is: Does anybody know, how to configure the "Network Roaming" feature of the AnyConnect via the iPCU?

I can configure everything else correctly with the iPCU (server, certificate, connect on demand, proxy settings,...) but as mentionend NO network roaming!

Anyone an idea? Thanks.

Norbert

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎02-21-2011 01:53 AM

There is just an ON and OFF toggle for Network Roaming feature.

Here is the document for your reference:

http://www.cisco.com/en/US/partner/docs/security/vpn_client/anyconnect/anyconnect24/ios4.2-user/guide/iphone-ugac-ios4.2.html#wp113765

0 Helpful

norbert.zehetner
Level 1
Level 1
In response to Jennifer Halim

‎02-21-2011 02:28 AM

Hi Jennifer!

In principle this is right, but only if you configure the Network Roaming directly on the device.

If I configure the AnyConnect via the "iPhone Configuration Utility (iPCU)", then you can not configure this setting.

(The advantage of the iPCU is, that I can also configure the proxy-setting directly to the AnyConnect client and that after the configuration via iPCU all buttons and configs are greyed out, so that the user cannot change any settings)

I have found a doc on cisco.com (I have attached a screenshot) which says:

"The VPN configurations generated by the iPhone Configuration Utility do not support Network
Roaming. If your users require Network Roaming, use an AnyConnect profile."

Am I right, that I should make an AnyConnect profile on the ASA for this feature?

How can I bring an AnyConnect profile onto the iPhone?

And how can I configure "Network Roaming" on the ASA in an AnyConnect profile?

Many thanks if you can help!


Norbert

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to norbert.zehetner

‎02-21-2011 02:44 AM

Ok, got it.

AnyConnect profile is configured on the ASA, and the profile gets pushed when AnyConnect connects to the ASA.

To create AnyConnect profile:

From ASDM --> Configuration --> Remote Access VPN --> Network (Client) Access --> AnyConnect Client Profile

Then assigned the profile to the group-policy: Group Policies --> Advanced --> SSL VPN Client --> add Client Profiles to download.

Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents