Showing results for 
Search instead for 
Did you mean: 

Is Cisco VPN posible for Windows Phone 8.1

Aurimas Plunge
Level 1
Level 1


Microsoft released Windows Phone 8.1 on April and it supports VPN connections.

So I would like to ask:

Is Cisco going to release Anyconnect Secure Mobility Client for Windows Phone 8.1?

Maybe someone managed to make clientless connection with ASA 9.1( for example IKEv2 or SSL-VPN) ?

Or should I abandon idea of connecting WP 8.1 with ASA?


24 Replies 24

Level 7
Level 7

Hi  aurimas88 ,


Looks like AnyConnect Secure Mobility Client 2.5  is supported for windows phone , however W 8.1 mobile has not been tested by Cisco , We cannot guarantee compatibility. 

AnyConnect Secure Mobility Client 3.0 Windows Mobile Devices Not Supported

AnyConnect version 3.0 and later do not support Microsoft Windows Mobile or Windows Phone. However, you can continue to use the ASA to deploy the AnyConnect 2.5 or earlier client for Windows Mobile even after loading the AnyConnect 3.0 package files to the ASA for web deployment.

AnyConnect Secure Mobility Client 2.5 Windows Mobile Devices Supported

We designed AnyConnect 2.5 for compatibility with Windows Mobile 6.5, 6.1, 6.0 and 5.0 Professional and Classic for touch-screens only. Users have reported success with most touch-screens running these versions of Windows Mobile. However, to ensure interoperability, we guarantee compatibility only with the devices we test, as follows:

HTC Imagio running Windows Mobile 6.5
HTC Tilt 2 running Windows Mobile 6.5
HTC Touch running Windows Mobile 6.0
HTC TyTN running Windows Mobile 5.0
Samsung Epix running Windows Mobile 6.1
Samsung Omnia Pro 4 running Windows Mobile 6.5
Samsung Omnia running Windows Mobile 6.1
Samsung Saga running Windows Mobile 6.1




Hope this helps 


Thanks for reply rvarelac,

but Windows mobile 6.x in these times should be considered ancient and it is not supported on new NOKIA and HTC smartphones.

So I guess, no VPN for Windows Phone 8.1 from Cisco.



I just successfully setup VPN from window phone 8.1 using L2TP with IPsec (just appear in windows phone 8.1). I found out alot of Google but have no helpful material so it took me 4 day to configure and troublebleshoot. I'd like to share to everyone:

  • server: ASA 5510, boot image: 9.1(5), ASDM:7.3(1)
  • client: lumina 520

the userguide for setup L2TP/IPsec general here: 

Just some most important notes you have done:

1. intercept DHCP Configuration message from Micrsoft client

2.create service policy rule with tcp-map have option not check: Drop packets  that exceed  maximum message size. Refer:

3. edit mss-tcp to lower through command line. Refer:

Too bad our network guys don't have WPs...they said, 'uh, no'


I try to configure L2TP for WP 8.1 and get the error

Phase 1: failure:  Mismatched attribute types for class Group Description:  Rcv'd: Unknown  Cfg'd: Group 5

Can you give me a hint how to solve this?

Thank you very much!

try to use group 2, instead of group 5 in configure VPN in ASA


I just went through figuring this out also, but with ASA version 8.2(5) and a Lumia 1520. I just got WP Denim a few weeks ago, prior to that only IKEv2 was available on the phone. Here's the config I ended up with:


ip local pool wp-pool xxxx

crypto ipsec transform-set 3DES-WP esp-3des esp-sha-hmac
crypto ipsec transform-set 3DES-WP mode transport

crypto dynamic-map My_Admin_Map 10 set transform-set 3DES-WP

crypto map Main_Map 65535 ipsec-isakmp dynamic My_Admin_Map 


crypto isakmp policy 50
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 28800

group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol l2tp-ipsec

username username password password ms-chap

tunnel-group DefaultRAGroup general-attributes
 address-pool wp-pool
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key xxxx
tunnel-group DefaultRAGroup ppp-attributes
 authentication ms-chap-v2

I didn't configure split tunnel on the ASA, I used the "IP Ranges" feature on the WP client.


Using the default group configuration broke existing VPN configurations, but I don't know any other way of doing it. I added a couple of commands to the other groups to get around it.


I couldn't find anything that worked other than 3DES, so that's a bit annoying.


I'm not recommending this setup, I'm just saying it works.

Help me please configured my Lumia 925 because I can not connect to my company Cisco router via VPN. This is my device.

Level 1
Level 1

That's a shame Cisco, that you make an Anyconnect client for Android, and iOS.  But, nothing for Windows RT 8.1, or Windows Phone 8.1.  No one cares about a client for Windows Mobile, which has not been on a new phone for 4 years.....

Cisco, like many companies these days, simply refuses to communicate with its customers or reps. Our Cisco rep is as clueless as us.

Cisco, get cracking.



Peter Davis
Cisco Employee
Cisco Employee

AnyConnect open beta program for Windows Phone 8.1


We are pleased to announce the start of the AnyConnect beta program for Windows Phone 8.1.


Customers can access AnyConnect via the Windows Store at:


The release notes with a list of open issues and limitations are published at:


Please direct any questions/feedback/problem reports to:

Support is not provided by the Cisco TAC for the beta program.

Hi Peter,

I have a Lumia 830 running WP 8.1.  The OS version is 8.10.14234.375.  I downloaded the beta and installed it.  However when I try setting VPN up, choosing the AnyConnect option, no matter what configuration information is entered the "save" button is greyed out.  So not able to use it.  Can you please look into this.



Unfortunately the user interface is a little confusing and is not in Cisco's control.  You need to de-select "Connect Automatically".  If selected (default) and not configured, the OS greys out the Save button.

Thanks very much for the prompt reply, Peter.

Yes, turning off "Connect Automatically" solved the grey out problem.

However I am getting "Connection Error: 2250" without any description.

Can you please guide me on how to go about resolving this?