[Q] VPN Certificate Authentication Question - Networking

Has anyone leveraged a Cisco VPN using (i believe) ipsec? My issue is that my user certificate chain also has an intermediary certificate... is there a client for VPN that allows a root, intermediary and user certificate for authentication???
I am the exchange admin and PKI admin... so I have a handle on certs... I can get in touch with the VPN admin, but it is a Cisco concentrator.
Anyone with experience, please let me know!! Seems pretty crazy it's not more common... also, i hate to say it, but the iphones can leverage the chain successfully....

This turns out to be the lack of adoption that cisco has for anything android. They exclusively worked with apple to make an anyconnect app. I've contacted htc asking, but they claim the 2.1 oem solution works on "most" vpn solutions.... Crap, cisco won't work with other vendors because of desperate firmwares...
We need a vpn client solution to leverage multiple certs in the chain!
Sent from my PC36100 using XDA App

Related

VPN Authentication Question

Does anyone know:
Is it possible to do Group Authentication with the built-in VPN client? My work network uses a Cisco VPN and I've managed to extract out of our IT department the Group name and Password but I can't figure out how to enter this onto the Exec - it offers me "A certificate on this device" or "A pre-shared key" and entering the password into the pre-shared key doesn't seem to work. Our IT department tells me that the Exec is unsupported and won't give me any help so anyone out there know how to do this?
If it's not possible, anyone recommend a good VPN client for connecting to a Cisco VPN?
Thanks
G
Anybody?
My work uses group authentication also. Does anyone know a good vpn client that will work with group authentication?
There is a Cisco ICA/Xen/client for ARM PDA here: http://www.citrix.com/English/ss/downloads/details.asp?downloadId=3607&productId=186#top
Is this what you are looking for?
interesting..
I didn't know there was a citrix client for WM. My work also uses citrix. The only problem is in order to connect with the citrix client I must have a VPN tunnel first . My work uses Cisco VPN Group Authentication. I have not yet found a VPN client for WM that will allow Cisco group authentication. If anyone knows of one, PLEASE let me know.
Thanks wovens for the citrix client. That will be neat to try if I can ever get a VPN tunnel setup.
FOUND IT!
I finally found a VPN client that will work with Cisco group authentication. It is Bluefire Mobile Security VPN. One thing I found is that after you connect you must press the END key to get out of the client because pressing the x will kill the client. Works Great!
The only problem is the company went out of business (http://www.bluefiresecurity.com). I was able to find the .cab, but not sure if it is against forum rules to post it... Can a mod please inform me, thx.
Does your company use Cisco SSL Vpn by chance? It's the way Cisco is leaning as is with less support for the ipsec since they can make more money off of licensing.
Anyhow if your company does use SSL VPN, Cisco's anyconnect client supports Windows mobile. I have been using it and it works good for what I use it for (primarily SSH, but for kicks I tried remote desktop and it worked good too).
McGeezy said:
I finally found a VPN client that will work with Cisco group authentication. It is Bluefire Mobile Security VPN. One thing I found is that after you connect you must press the END key to get out of the client because pressing the x will kill the client. Works Great!
The only problem is the company went out of business (http://www.bluefiresecurity.com). I was able to find the .cab, but not sure if it is against forum rules to post it... Can a mod please inform me, thx.
Click to expand...
Click to collapse
this website of "bluefiresecurity.com can not the opened. would u pls post it here with the cab file? thanks a lot.
BlueFire VPN Client
http://rapidshare.com/files/8640811....5.706.XScale.WM5.WM6.Regged.DIRFIX-DVTPDA.ra
There are a lot of files, rar files within zip files, but the cab for the vpn client is there, name: MobileVPN.27.5.706.ARM.PPC.Client.cab

VPN Client for WinMo 6.1 (or 6.5) working with Cisco on the other side???

HI to all
I am looking for a working VPN Client (the Iphone has one which is working) to connect my Touch Cruise to the intranet of my firm.
I read that NCP has one, but it is quite expensive ...
is there any other solucion?
For free?
Shrew is working fine on my laptop, but y would like to check something out of mi WinMo Polaris.
I actually am using WinMo 6.1 but if necessary I also could change to 6.5
Thanks
Isidar
OpenVPN has a free client for WinMo but I don't know if it will work for your VPN, give it a shot.
you can use hamachi-0.0.3.1
http://rapidshare.com/files/83751409/hamachi-0.0.3.1.rar (for your mobile)
https://secure.logmein.com/products/hamachi/list.asp (for your pc)
clmbngbkng said:
OpenVPN has a free client for WinMo but I don't know if it will work for your VPN, give it a shot.
Click to expand...
Click to collapse
i think openvpn is not compatible with cisco vpn since cisco uses ipsec and openvpn uses a simply tunnel created on udp port 1194 (no need for gre,ike,or pptp port's/protocols open).
it's much simpier but work very well and just with the p12 certificate (ok my certificate is 2048bit so i think it is minimally secure, nothing like a dynamic generated rsa key but even better than just a ssh tunnel or something like).
Back in the days of Windows Mobile 2003 I used to use "MovianVPN" to connect to my university network. The software is now superseded by AnthaVPN (www.anthasoft.com). It is designed for Windows Mobile 5 and they have no mention of WM6 compatibility, but I think its worth a shot.
I also read about another product called "Bluefire VPN", but I can't seem to find it online at the moment.
Edit: The above solutions are not free, but the price might be refundable by your company.
Cisco AnyConnect for Pocket PC
There is an application from Cisco itself that you can download and try.
It's based an Cisco's new Anyconnect module
anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
http://cisco.quanza.net/anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
The website http://www.tycoon.mxm.cx/ has a couple of VPN software apps for all OS
Shawn Botha said:
There is an application from Cisco itself that you can download and try.
It's based an Cisco's new Anyconnect module
anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
http://cisco.quanza.net/anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
The website http://www.tycoon.mxm.cx/ has a couple of VPN software apps for all OS
Click to expand...
Click to collapse
The Cisco device at the other end has to be setup for SSL VPN otherwise Anyconnect does not work. This is somewhat new and SSL VPN licenses are expensive.
Personally I use AnthaVPN on my HTC Touch (WinMo 6.1 Pro) and it works great with our IPSec Cisco VPN (the old way since we're too cheap to buy the licenses for the SSL VPN).
EDIT: And if your company is setup for SSL VPN, you should not need to download a client. Your admin should give you a website and it connects to the router/firewall/VPN concentrator and downloads the proper client for you. Better than going to some random site to download something.
The integrated L2TP/IPSec client?
I have posted previously on here about VPN clients and Cisco Routers & Firewalls. The integrated L2TP/IPSec client works with both Cisco PIX/ASA Firewalls as well as IOS Routers - it is dependant on how these are configured though. I posted two configurations from PIX 6.3(5) and PIX 7.2(4) - both of which I had working. It seems there are some limitations when setting up groups however my testing didn't include this.
http://forum.xda-developers.com/showthread.php?t=444948&highlight=Cisco
I was going to test the Group issues someone reported but never got around to it - I have a full-time job as well
Andy
Shawn Botha said:
There is an application from Cisco itself that you can download and try.
It's based an Cisco's new Anyconnect module
anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
http://cisco.quanza.net/anyconnect-wince-ARMv4I-activesync-2.3.2016-k9.msi
The website http://www.tycoon.mxm.cx/ has a couple of VPN software apps for all OS
Click to expand...
Click to collapse
Cisco nice good work,try it with my Dopod and router working.
thank you guys to put the links.
AnyConnect Secure Mobility Client 2.5
Hi guys
Could anyone post the link for Cisco AnyConnect Secure Mobility Client 2.5 as it is one of the only vpn client solutions having WM6.5 and Cisco routers work together
Could you propose any other solution for WM6.5 and Group authentication cisco servers
Thanks
I have just downloaded the AnyConnect Secure Mobility Client, v2.5 and it works a treat thanks for this post, it was released in Aug and works with 6.5
Please note, i legally have a CCO account and valid service contracts for Cisco ASA and VPN gateways.
To the previous poster, please buy relevant CCO access to download.

SSL VPN Client for HD2/WinMo6.5?

Hi all,
I've done the requisite searches, and as best as I can tell the IPSEC VPN functionality in the HD2 has some critical problems - mostly characterized by connections dropping when VPN data is accessed.
Is there a good pay/free SSL VPN client for our phone/platform? I'm currently running a Windows Server 2008 R2 box, but wouldn't mind springing for an appliance if it's going to make this work reliable and securely.
So for the more experienced WinMo users, would an updated set of libraries from Microsoft maybe help the problems with the built in solution (which doesn't appear to support SSL VPN connections anyways...)?
I'd prefer to work with the standards on this one, so while I realize that people have found effective ways to get VPN access on their HD2s, I'd like to stick to the Microsoft DirectAccess framework.
Regards,
Slarti, mobile networking neophyte
Been looking for the same for a while, would also appriciate alot if someone can help
bump bumpi bum

CISCO VPN with the SGS

Hey all,
i have a Cisco VPN profile consisting of the following:
VPN HOST
VPN Groupname
VPN Grouppassword
VPN Username
VPN Userpassword
Search Domain
BUT
Where do i enter those credentials in the VPN settings exactly? There are 4 Types of VPN and i dont know which one to choose and where to enter what....
Tired a lot - didnt work. Any advise?
THANX
Tigger
good question. I have the same cisco asa config.
I have a TunnelGroup Name but in the VPN setttings on SGS there is no possibility to enter it.
MagicOnline said:
good question. I have the same cisco asa config.
I have a TunnelGroup Name but in the VPN setttings on SGS there is no possibility to enter it.
Click to expand...
Click to collapse
Exactly my problem.
best would be to somehow import the profiles....but otherwise i couldnt use the SGS for Coorperate mail, cuz thats only running via VPN
**UP**
Plesae help!
It's Google's problem to solve
This is not a limitation of the Samsung Galaxy S. It is a limitation of Android. The VPN client built into Android does not support the Cisco VPN routers that employ group credentials.
As I understand it, the group credentials are not part of the IPSec protocol, but are a Cisco add-on.
For whatever reason, Cisco licensed this technology to Apple but not to Google. So iPhone VPN clients work. But there is no such arrangement with Google for Android. (My own guess is that maybe Apple has some exclusive, or that there is some other corporate political maneuvering happening among these three Silicon Valley giants.)
In any event, there is huge backlog of demand for adding Cisco VPN support to Android. That's what most enterprise users desperately want. I am one of them. But the feature has not been forthcoming.
See the very long line, literally thousands of requests, to Google to add this feature here.

Cisco VPN Client for the DHD

I am searching for an Cisco VPN client for the DHD. I am new to the whole Android world and very interested in buying the DHD. But in order to use a wireless internet connection at my university I have to use a Cisco VPN client. But as far as I know there is no official client from Cisco for Android yet. Is there any other possibility to access the VPN with the DHD?
Can nobody help me? Somebody told me that there is a possibility when the device is rooted with a special script. I just don't want to buy an iPhone

Categories

Resources