Re: iOS 5/6 and VPN
Re: iOS 5/6 and VPN
- Subject: Re: iOS 5/6 and VPN
- From: Athanasios Douitsis <email@hidden>
- Date: Thu, 18 Oct 2012 16:03:29 +0300
Hi,
Sorry for the delayed answer, just saw your message from yesterday. To
do the same for iOS you have to play with the mobileconfig format,
which is basically an xml schema documented by apple. It may surprise
you that not only iOS, but also mountain lion now supports this
format.
For your reference, look here:
http://developer.apple.com/library/ios/#featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html
Recently I have completed a project exactly like the one you are
describing for the National Technical University of Athens. The
profile setup goes like this, the user visits a specific url, enters
his/her credentials and then a tailored profile (with the appropriate
usernames, etc) is generated on the fly and returned to the iOS
device. The device presents a special "install new profile" to the
user and after a couple of prompts for the relevant passwords the
whole process is finished. The profile contains info on how to connect
to the campus email, wifi (with 802.1x and PEAP or EAP-TTLS), VPN,
etc. You can even plant bookmarks that will appear as icons on the iOS
home screen. Behind the scenes, the profiles are generated by php.
Simple setup, that is.
About your VPN solution, I don't know what kind of server you are
producing, so I cannot say too much. Our solution uses a vanilla
racoon server with IPSec (supports NAT-T, no L2TP) in Hybrid Xauth
mode. So the server presents a certificate, but the clients present
username/password. The racoon server talks to the radius, etc, etc.
There is also an L2TP/IPSec mode, but nowadays ice cream sandwich and
later supports OpenVPN in tun mode, so we direct users with android to
our OpenVPN server, no need to use IPSec.
Hope this helps,
Athanasios Douitsis
On Wed, Oct 17, 2012 at 3:10 PM, Arun R <email@hidden> wrote:
> Hello,
>
> I work with a company which offers enterprise-grade VPN solutions (our own).
> On Windows, OSX, etc, we have a simple thin client that automatically
> creates a VPN connection based on a configuration file. We also have a
> dialer GUI which dials the connection, monitors it to see how long it stays
> up, allows the user to disconnect it.
>
> We'd like to do the same with iOS - automated connection setup, and
> automated dialer. I've seen that other VPN apps (like Cisco/Juniper etc) are
> able to do this.
>
> I've looked on the web for an answer, but I dont see one anywhere. The best
> I see is the mobileconfig file which the user has to manually import.
>
> What do we need to do to get this working for us? Thought I'd talk to the
> experts before contacting Apple directly.
>
> Thank you!
> Arun
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Macnetworkprog mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
--
Athanasios Douitsis
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden