07-24-2014 12:35 AM
Hello,
Microsoft released Windows Phone 8.1 on April and it supports VPN connections.
So I would like to ask:
Is Cisco going to release Anyconnect Secure Mobility Client for Windows Phone 8.1?
Maybe someone managed to make clientless connection with ASA 9.1( for example IKEv2 or SSL-VPN) ?
Or should I abandon idea of connecting WP 8.1 with ASA?
Thanks.
07-24-2014 11:18 AM
Hi aurimas88 ,
Looks like AnyConnect Secure Mobility Client 2.5 is supported for windows phone , however W 8.1 mobile has not been tested by Cisco , We cannot guarantee compatibility.
AnyConnect Secure Mobility Client 3.0 Windows Mobile Devices Not Supported
AnyConnect version 3.0 and later do not support Microsoft Windows Mobile or Windows Phone. However, you can continue to use the ASA to deploy the AnyConnect 2.5 or earlier client for Windows Mobile even after loading the AnyConnect 3.0 package files to the ASA for web deployment.
AnyConnect Secure Mobility Client 2.5 Windows Mobile Devices Supported
We designed AnyConnect 2.5 for compatibility with Windows Mobile 6.5, 6.1, 6.0 and 5.0 Professional and Classic for touch-screens only. Users have reported success with most touch-screens running these versions of Windows Mobile. However, to ensure interoperability, we guarantee compatibility only with the devices we test, as follows:
HTC Imagio running Windows Mobile 6.5
HTC Tilt 2 running Windows Mobile 6.5
HTC Touch running Windows Mobile 6.0
HTC TyTN running Windows Mobile 5.0
Samsung Epix running Windows Mobile 6.1
Samsung Omnia Pro 4 running Windows Mobile 6.5
Samsung Omnia running Windows Mobile 6.1
Samsung Saga running Windows Mobile 6.1
Source:
Hope this helps
07-29-2014 04:25 AM
Thanks for reply rvarelac,
but Windows mobile 6.x in these times should be considered ancient and it is not supported on new NOKIA and HTC smartphones.
So I guess, no VPN for Windows Phone 8.1 from Cisco.
08-20-2014 09:56 PM
hi,
I just successfully setup VPN from window phone 8.1 using L2TP with IPsec (just appear in windows phone 8.1). I found out alot of Google but have no helpful material so it took me 4 day to configure and troublebleshoot. I'd like to share to everyone:
the userguide for setup L2TP/IPsec general here: http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/l2tp_ips.html
Just some most important notes you have done:
1. intercept DHCP Configuration message from Micrsoft client
2.create service policy rule with tcp-map have option not check: Drop packets that exceed maximum message size. Refer: http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/65436-pix-asa-70-browse.html/.
3. edit mss-tcp to lower through command line. Refer: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/82444-fragmentation.html#task2
10-07-2014 10:31 AM
Too bad our network guys don't have WPs...they said, 'uh, no'
02-23-2015 11:22 PM
hi,
I try to configure L2TP for WP 8.1 and get the error
Phase 1: failure: Mismatched attribute types for class Group Description: Rcv'd: Unknown Cfg'd: Group 5
Can you give me a hint how to solve this?
Thank you very much!
03-04-2015 11:29 PM
try to use group 2, instead of group 5 in configure VPN in ASA
03-16-2015 06:43 PM
I just went through figuring this out also, but with ASA version 8.2(5) and a Lumia 1520. I just got WP Denim a few weeks ago, prior to that only IKEv2 was available on the phone. Here's the config I ended up with:
ip local pool wp-pool xxxx
crypto ipsec transform-set 3DES-WP esp-3des esp-sha-hmac
crypto ipsec transform-set 3DES-WP mode transport
crypto dynamic-map My_Admin_Map 10 set transform-set 3DES-WP
crypto map Main_Map 65535 ipsec-isakmp dynamic My_Admin_Map
crypto isakmp policy 50
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 28800
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol l2tp-ipsec
username username password password ms-chap
tunnel-group DefaultRAGroup general-attributes
address-pool wp-pool
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key xxxx
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
I didn't configure split tunnel on the ASA, I used the "IP Ranges" feature on the WP client.
Using the default group configuration broke existing VPN configurations, but I don't know any other way of doing it. I added a couple of commands to the other groups to get around it.
I couldn't find anything that worked other than 3DES, so that's a bit annoying.
I'm not recommending this setup, I'm just saying it works.
04-19-2015 04:38 AM
08-22-2014 07:03 AM
That's a shame Cisco, that you make an Anyconnect client for Android, and iOS. But, nothing for Windows RT 8.1, or Windows Phone 8.1. No one cares about a client for Windows Mobile, which has not been on a new phone for 4 years.....
10-07-2014 10:30 AM
Cisco, like many companies these days, simply refuses to communicate with its customers or reps. Our Cisco rep is as clueless as us.
Cisco, get cracking.
-c
04-27-2015 07:02 PM
AnyConnect open beta program for Windows Phone 8.1
We are pleased to announce the start of the AnyConnect beta program for Windows Phone 8.1.
Customers can access AnyConnect via the Windows Store at:
http://www.windowsphone.com/en-us/store/app/anyconnect/55443031-19e2-4592-aceb-f5ac0c08b2be
The release notes with a list of open issues and limitations are published at:
Please direct any questions/feedback/problem reports to: ac-mobile-feedback@cisco.com
Support is not provided by the Cisco TAC for the beta program.
05-11-2015 01:28 AM
Hi Peter,
I have a Lumia 830 running WP 8.1. The OS version is 8.10.14234.375. I downloaded the beta and installed it. However when I try setting VPN up, choosing the AnyConnect option, no matter what configuration information is entered the "save" button is greyed out. So not able to use it. Can you please look into this.
Regards,
Vaidya.
05-11-2015 05:21 AM
Unfortunately the user interface is a little confusing and is not in Cisco's control. You need to de-select "Connect Automatically". If selected (default) and not configured, the OS greys out the Save button.
05-11-2015 06:22 AM
Thanks very much for the prompt reply, Peter.
Yes, turning off "Connect Automatically" solved the grey out problem.
However I am getting "Connection Error: 2250" without any description.
Can you please guide me on how to go about resolving this?
Regards,
Vaidya.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide