CISCO VPN with the SGS - Galaxy S I9000 General

Hey all,
i have a Cisco VPN profile consisting of the following:
VPN HOST
VPN Groupname
VPN Grouppassword
VPN Username
VPN Userpassword
Search Domain
BUT
Where do i enter those credentials in the VPN settings exactly? There are 4 Types of VPN and i dont know which one to choose and where to enter what....
Tired a lot - didnt work. Any advise?
THANX
Tigger

good question. I have the same cisco asa config.
I have a TunnelGroup Name but in the VPN setttings on SGS there is no possibility to enter it.

MagicOnline said:
good question. I have the same cisco asa config.
I have a TunnelGroup Name but in the VPN setttings on SGS there is no possibility to enter it.
Click to expand...
Click to collapse
Exactly my problem.
best would be to somehow import the profiles....but otherwise i couldnt use the SGS for Coorperate mail, cuz thats only running via VPN

**UP**
Plesae help!

It's Google's problem to solve
This is not a limitation of the Samsung Galaxy S. It is a limitation of Android. The VPN client built into Android does not support the Cisco VPN routers that employ group credentials.
As I understand it, the group credentials are not part of the IPSec protocol, but are a Cisco add-on.
For whatever reason, Cisco licensed this technology to Apple but not to Google. So iPhone VPN clients work. But there is no such arrangement with Google for Android. (My own guess is that maybe Apple has some exclusive, or that there is some other corporate political maneuvering happening among these three Silicon Valley giants.)
In any event, there is huge backlog of demand for adding Cisco VPN support to Android. That's what most enterprise users desperately want. I am one of them. But the feature has not been forthcoming.
See the very long line, literally thousands of requests, to Google to add this feature here.

Related

VPN Authentication Question

Does anyone know:
Is it possible to do Group Authentication with the built-in VPN client? My work network uses a Cisco VPN and I've managed to extract out of our IT department the Group name and Password but I can't figure out how to enter this onto the Exec - it offers me "A certificate on this device" or "A pre-shared key" and entering the password into the pre-shared key doesn't seem to work. Our IT department tells me that the Exec is unsupported and won't give me any help so anyone out there know how to do this?
If it's not possible, anyone recommend a good VPN client for connecting to a Cisco VPN?
Thanks
G
Anybody?
My work uses group authentication also. Does anyone know a good vpn client that will work with group authentication?
There is a Cisco ICA/Xen/client for ARM PDA here: http://www.citrix.com/English/ss/downloads/details.asp?downloadId=3607&productId=186#top
Is this what you are looking for?
interesting..
I didn't know there was a citrix client for WM. My work also uses citrix. The only problem is in order to connect with the citrix client I must have a VPN tunnel first . My work uses Cisco VPN Group Authentication. I have not yet found a VPN client for WM that will allow Cisco group authentication. If anyone knows of one, PLEASE let me know.
Thanks wovens for the citrix client. That will be neat to try if I can ever get a VPN tunnel setup.
FOUND IT!
I finally found a VPN client that will work with Cisco group authentication. It is Bluefire Mobile Security VPN. One thing I found is that after you connect you must press the END key to get out of the client because pressing the x will kill the client. Works Great!
The only problem is the company went out of business (http://www.bluefiresecurity.com). I was able to find the .cab, but not sure if it is against forum rules to post it... Can a mod please inform me, thx.
Does your company use Cisco SSL Vpn by chance? It's the way Cisco is leaning as is with less support for the ipsec since they can make more money off of licensing.
Anyhow if your company does use SSL VPN, Cisco's anyconnect client supports Windows mobile. I have been using it and it works good for what I use it for (primarily SSH, but for kicks I tried remote desktop and it worked good too).
McGeezy said:
I finally found a VPN client that will work with Cisco group authentication. It is Bluefire Mobile Security VPN. One thing I found is that after you connect you must press the END key to get out of the client because pressing the x will kill the client. Works Great!
The only problem is the company went out of business (http://www.bluefiresecurity.com). I was able to find the .cab, but not sure if it is against forum rules to post it... Can a mod please inform me, thx.
Click to expand...
Click to collapse
this website of "bluefiresecurity.com can not the opened. would u pls post it here with the cab file? thanks a lot.
BlueFire VPN Client
http://rapidshare.com/files/8640811....5.706.XScale.WM5.WM6.Regged.DIRFIX-DVTPDA.ra
There are a lot of files, rar files within zip files, but the cab for the vpn client is there, name: MobileVPN.27.5.706.ARM.PPC.Client.cab

VPN Client for WinMo 6.1 (or 6.5) working with Cisco on the other side???

HI to all
I am looking for a working VPN Client (the Iphone has one which is working) to connect my Touch Cruise to the intranet of my firm.
I read that NCP has one, but it is quite expensive ...
is there any other solucion?
For free?
Shrew is working fine on my laptop, but y would like to check something out of mi WinMo Polaris.
I actually am using WinMo 6.1 but if necessary I also could change to 6.5
Thanks
Isidar
OpenVPN has a free client for WinMo but I don't know if it will work for your VPN, give it a shot.
you can use hamachi-0.0.3.1
http://rapidshare.com/files/83751409/hamachi-0.0.3.1.rar (for your mobile)
https://secure.logmein.com/products/hamachi/list.asp (for your pc)
clmbngbkng said:
OpenVPN has a free client for WinMo but I don't know if it will work for your VPN, give it a shot.
Click to expand...
Click to collapse
i think openvpn is not compatible with cisco vpn since cisco uses ipsec and openvpn uses a simply tunnel created on udp port 1194 (no need for gre,ike,or pptp port's/protocols open).
it's much simpier but work very well and just with the p12 certificate (ok my certificate is 2048bit so i think it is minimally secure, nothing like a dynamic generated rsa key but even better than just a ssh tunnel or something like).
Back in the days of Windows Mobile 2003 I used to use "MovianVPN" to connect to my university network. The software is now superseded by AnthaVPN (www.anthasoft.com). It is designed for Windows Mobile 5 and they have no mention of WM6 compatibility, but I think its worth a shot.
I also read about another product called "Bluefire VPN", but I can't seem to find it online at the moment.
Edit: The above solutions are not free, but the price might be refundable by your company.
Cisco AnyConnect for Pocket PC
There is an application from Cisco itself that you can download and try.
It's based an Cisco's new Anyconnect module
anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
http://cisco.quanza.net/anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
The website http://www.tycoon.mxm.cx/ has a couple of VPN software apps for all OS
Shawn Botha said:
There is an application from Cisco itself that you can download and try.
It's based an Cisco's new Anyconnect module
anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
http://cisco.quanza.net/anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
The website http://www.tycoon.mxm.cx/ has a couple of VPN software apps for all OS
Click to expand...
Click to collapse
The Cisco device at the other end has to be setup for SSL VPN otherwise Anyconnect does not work. This is somewhat new and SSL VPN licenses are expensive.
Personally I use AnthaVPN on my HTC Touch (WinMo 6.1 Pro) and it works great with our IPSec Cisco VPN (the old way since we're too cheap to buy the licenses for the SSL VPN).
EDIT: And if your company is setup for SSL VPN, you should not need to download a client. Your admin should give you a website and it connects to the router/firewall/VPN concentrator and downloads the proper client for you. Better than going to some random site to download something.
The integrated L2TP/IPSec client?
I have posted previously on here about VPN clients and Cisco Routers & Firewalls. The integrated L2TP/IPSec client works with both Cisco PIX/ASA Firewalls as well as IOS Routers - it is dependant on how these are configured though. I posted two configurations from PIX 6.3(5) and PIX 7.2(4) - both of which I had working. It seems there are some limitations when setting up groups however my testing didn't include this.
http://forum.xda-developers.com/showthread.php?t=444948&highlight=Cisco
I was going to test the Group issues someone reported but never got around to it - I have a full-time job as well
Andy
Shawn Botha said:
There is an application from Cisco itself that you can download and try.
It's based an Cisco's new Anyconnect module
anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
http://cisco.quanza.net/anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
The website http://www.tycoon.mxm.cx/ has a couple of VPN software apps for all OS
Click to expand...
Click to collapse
Cisco nice good work,try it with my Dopod and router working.
thank you guys to put the links.
AnyConnect Secure Mobility Client 2.5
Hi guys
Could anyone post the link for Cisco AnyConnect Secure Mobility Client 2.5 as it is one of the only vpn client solutions having WM6.5 and Cisco routers work together
Could you propose any other solution for WM6.5 and Group authentication cisco servers
Thanks
I have just downloaded the AnyConnect Secure Mobility Client, v2.5 and it works a treat thanks for this post, it was released in Aug and works with 6.5
Please note, i legally have a CCO account and valid service contracts for Cisco ASA and VPN gateways.
To the previous poster, please buy relevant CCO access to download.

[Q] Cisco VPN Group Name / Honeycomb

Hey All,
Just wondering if you all know if Cisco or Google will figure out the whole VPN / Group Name fiasco? I am not sure who or where the limiting factor sits with (Google or Cisco) but it would be really nice if they would support Cisco VPN when using Group Name.
I am pretty sure that was never solved in the 2.x version of Android. If it has, I would love to know!
At least on android 2.X I rooted and used VPN Connections and that allowed to me to connect to my work's Cisco VPN
Inphinitizeit said:
At least on android 2.X I rooted and used VPN Connections and that allowed to me to connect to my work's Cisco VPN
Click to expand...
Click to collapse
Either VPNConnections doesn't work right with the Xoom or the tun.ko module that someone compiled for the other type of VPN isn't working right with it for IPSEC. I can't seem to connect using my rooted xoom, though I've done it with every phone I've owned with ease.
You can connect to a Cisco asa using ipsec Vpn with group name on 2.x?
Sent from my ADR6300 using XDA Premium App
foldog22 said:
You can connect to a Cisco asa using ipsec Vpn with group name on 2.x?
Sent from my ADR6300 using XDA Premium App
Click to expand...
Click to collapse
Requires root, a tun.ko module compiled for your kernel installed on your phone and VPNConnections.apk. With those three things, it is easily done. My HTC Aria, Droid 2 Global and Droid X all could connect to our work routers which use Cisco IPSEC VPN with a group name/password.
The only way to get Cisco VPN working right now with the stock VPN client in Honeycomb is to have your firewall configured to allow inbound VPN using the group policy DefaultRAGroup (which is what it will default to when no group name is present).
It took me a few hours to figure it out but have it working on my ASA5505. Can't take credit though... this thread was instrumental in helping me figure out how to get it to go.
https://supportforums.cisco.com/thread/2029577
Refer to the post by Laurentiu Zibula.
Downside is that you can only get it working if you have full control of the firewall you're connecting to, and buying your network admin at work a six pack of beer isn't going to convince him to try this.
alee said:
The only way to get Cisco VPN working right now with the stock VPN client in Honeycomb is to have your firewall configured to allow inbound VPN using the group policy DefaultRAGroup (which is what it will default to when no group name is present).
It took me a few hours to figure it out but have it working on my ASA5505. Can't take credit though... this thread was instrumental in helping me figure out how to get it to go.
https://supportforums.cisco.com/thread/2029577
Refer to the post by Laurentiu Zibula.
Downside is that you can only get it working if you have full control of the firewall you're connecting to, and buying your network admin at work a six pack of beer isn't going to convince him to try this.
Click to expand...
Click to collapse
Don't think that will work for non-ASA devices though (i.e. routers).

[Q] VPN Certificate Authentication Question

Has anyone leveraged a Cisco VPN using (i believe) ipsec? My issue is that my user certificate chain also has an intermediary certificate... is there a client for VPN that allows a root, intermediary and user certificate for authentication???
I am the exchange admin and PKI admin... so I have a handle on certs... I can get in touch with the VPN admin, but it is a Cisco concentrator.
Anyone with experience, please let me know!! Seems pretty crazy it's not more common... also, i hate to say it, but the iphones can leverage the chain successfully....
This turns out to be the lack of adoption that cisco has for anything android. They exclusively worked with apple to make an anyconnect app. I've contacted htc asking, but they claim the 2.1 oem solution works on "most" vpn solutions.... Crap, cisco won't work with other vendors because of desperate firmwares...
We need a vpn client solution to leverage multiple certs in the chain!
Sent from my PC36100 using XDA App

[Q] [REQ] OpenVpn full solution for SGS2

Hi all,
I have been tinkering with connectivity into my corporate network and so far been able to get a connection to our Office Communicator server via ASProxy and a secure wireless connection. However I am looking for a solution that works across my 3G connection via a VPN.
I have looked at the market place versions of OpenVpn and I cannot get it to work with our Cisco Gateway. I got stuck at the tun and adb part, so not sure what I need to do at this point so though I would ask the experts on here ;-) There has been much work on a very important missing part which was a user authentication proxy, so the next bit for me would be a means of connecting to an IPSec/UDP Cisco VPN Gateway that works with my Domain username and then a fob generated password.
Any help from you guys would be most appreciated and perhaps I can share my ASProxy configuration for anyone wishing to get their's working....
Thanks
Avalon
Hi,
you can't use an OpenVPN client to connect to a Cisco (IPsec) VPN server.
If you want to connect to an OpenVPN server then you can use OpenVPN Installer and OpenVPN Settings from the market.
If you want to connect to an IPsec server then use the built-in android VPN client or even some proprietary Cisco client from the market... (don't know about these as I only use OpenVPN)
Hi, thanks for the reply, however the built in VPN client will not work with our server. There is a Cisco anyconnect client that does connect, but we need a license for it which we dont currently have.
I will keep trying....

Categories

Resources