Built in VPN (Cisco IPSec) w/ certificates

jwojda
Valued Contributor II

I've been mucking around with OS X's built in Cisco VPN. I've gotten it
working with certificates on the iDevices, but I can't seem to get the
Mac to do it. And I can't use shared secret's due to PCI compliance.

Using the exact same certs (Root CA and User Cert), in the system
keychain, going to the same VPN concentrator, as I do on the iDevice,
but I can't get it to do anything ono the Mac. It tries to connect then
says either negotiation failed (1st time I try to connect) or
configuration error (any time after the first). I've tried both DNS
name and IP address. I've had the VPN guy monitor logs and watch for my
incoming connection, and they will see me, but he didn't have any
relevant information about why I'm getting denied.

Anybody have some insider tips about that? My google-fu has been
letting me down on this, and our Apple SE's suggestion was to ask y'all
:-)

John Wojda

Lead System Engineer, DEI

3333 Beverly Rd. B2-338B

Hoffman Estates, IL 60179

Phone: (847)286-7855

Page: (224)532.3447

Team Lead: Matt Beiriger
<mailto:mbeirig at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Fe
edback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.>

Mac Tip/Tricks/Self Service & Support <http://bit.ly/gMa7TB>

2 REPLIES 2

TreviñoL
Contributor

Hello,

We are currently using Juniper as our VPN solution but are having lots of support issue with the iOS apps they have on the App Store. I would like to recommend Cisco as a new solution to our IT team for both iOS and Mac OS. Did you solve the issues you were having with the Mac OS and how is your iOS vpn working out for you so far.

Thanks

Luis

bentoms
Honored Contributor III
Honored Contributor III

@RS4 Wow. Quite the old post you've commented on. I can't talk for @jwojda but we use Cisco IPSEC currently for iOS & OSX clients. Both delivered via a profile & it works well.