In this post, we’ll look quickly at planning how the iPad and iPhone will connect to your Virtual Private Network (VPN). We’ll start by reviewing the VPN technologies the iPad and iPhone support, talk about settings you may need to change to make your VPN friendly to the iPad and iPhone, and finish by considering which users you should grant remote access to the network.
Making Sure Your VPN Uses Suitable Technologies and Settings for the iPad and iPhone
The first step in planning the connection is to make sure your VPN uses one (or more) of the five widely used types of VPN that the iPad and iPhone support:
1. Cisco IPSec. Cisco IP Security is widely used for establishing secure VPN connections. With IPSec, you can use several different methods of authentication including x.509 digital certificates, RSA SecurID, and CRYPTOCard.
2. L2TP Over IPSec. Layer 2 Tunneling Protocol over IPSec gives good security and is widely used. With L2TP, you can use either a password or a shared secret for authentication.
3. PPTP. Point-to-Point Tunneling Protocol is the weakest of the widely used VPN technologies. Use PPTP only if you can’t use any other VPN type. PPTP uses a password to secure connections.
4. Cisco AnyConnect. Cisco AnyConnect VPN technology uses the Datagram Transport Layer Security (DTLS) protocol to provide security and performance over VPN connections. With AnyConnect, you can use either a password or a certificate for authentication.
5. Juniper SSL. Juniper Networks’ VPN appliances use Juniper SSL to secure the VPN connections. With Juniper SSL, you can use either a password or a certificate to secure the connection.
NOTE: When you use a certificate to authenticate a Cisco IPSec, Cisco AnyConnect, or Juniper SSL VPN, you can enable VPN on demand, which can be a big timesaver. VPN on demand makes the iPad or iPHone automatically establish a VPN connection when the user tries to access any of the domains or host names you add to the connection’s list.
If your VPN uses one of those five types, you’re halfway there. (Otherwise, you’ll need to add one of those five types to your VPN setup.) You should also take these three steps:
1. Check your VPN concentrators. Make sure they use VPN standards the iPad and iPhone support.
2. Check the authentication path. Make certain your RADIUS server or VPN authentication server is using iPad-and iPhone-friendly standards.
3. Use suitable certificates. If you’re using certificates for authentication, the iPad and iPhone can use PKCS1 format (files in the .cer, .crt, and .der file formats) and PKCS12 format (files in the .p12 and .pfx file formats).
TIP: To avoid problems, make sure your remote access routers and concentrators are runni9ng the latest firmware versions. Update them if they’re not.
Please get back soon as I am going to post some important instructions on how to set up your iPad or iPhone to connect to your VPN.