Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
771
Views
10
Helpful
3
Replies

Remote access VPN using the native VPN client in Android and ios phones

Go to solution
Chess Norris
Level 4
Level 4

‎02-19-2021 02:33 AM

Hi,

 

What options do I have if I want to set up a remote access VPN using the native VPN client on both android and ios phones?

I have only found configuration examples for l2tp over ipsec, but the phone have options for IKEv2/IPSec with PSK.

Is this possible or do I need to buy Anyconnect licenses if I want to use IKEv2? 

 

Thanks

/Chess

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to Chess Norris

‎02-19-2021 04:42 AM

From the doc:
Licensing Requirements for L2TP over IPsec

IPsec remote access VPN using IKEv2 requires an AnyConnect Plus or Apex license, available separately. IPsec remote access VPN using IKEv1 and IPsec site-to-site VPN using IKEv1 or IKEv2 uses the Other VPN license that comes with the base license

Reference
https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/vpn/asa-95-vpn-config/vpn-l2tp-ipsec.html#ID-2442-00000021

Thanks and Regards,
Dinesh Moudgil
Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

View solution in original post

3 Replies 3

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee

‎02-19-2021 03:16 AM

Hi Chess,

Here are the configuration steps:
https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/213246-asa-ikev2-ra-vpn-with-windows-7-or-andro.html

For licensing, here is the relevant link : https://www.cisco.com/c/en/us/products/collateral/security/anyconnect-og.html. You could use Plus license for third party IPSec Ikev2 RA VPN clients.

Thanks and Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.
Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/

Go to solution
Chess Norris
Level 4
Level 4
In response to Dinesh Moudgil

‎02-19-2021 04:06 AM

@Dinesh Moudgil Thanks for the link. I will have a look at the examples.

 

Regarding the licenses, Does that mean I need Plus licenses even when using IKEv2 with the Android native client?

We only have the old premium licenses today which are used for PC's with anyconnect. Now we need to connect about 100 mobile devices and try to do this without have to purchase 100 anyconnect plus licenses.

Is it only L2TP over IPsec that is possible to run without Plus licenses?

 

Thanks

/Chess

0 Helpful

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee
In response to Chess Norris

‎02-19-2021 04:42 AM

From the doc:
Licensing Requirements for L2TP over IPsec

IPsec remote access VPN using IKEv2 requires an AnyConnect Plus or Apex license, available separately. IPsec remote access VPN using IKEv1 and IPsec site-to-site VPN using IKEv1 or IKEv2 uses the Other VPN license that comes with the base license

Reference
https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/vpn/asa-95-vpn-config/vpn-l2tp-ipsec.html#ID-2442-00000021

Thanks and Regards,
Dinesh Moudgil
Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents