Friday, February 18, 2011

iPhone & Cisco VPN Play Nice

Well, my problem was this: all the clients (Windows & Linux) were connecting successfully using our Cisco VPN client over IPsec (Cisco ASA 5505 on the backend), but the iPhone for some reason failed to connect.  I checked the logs and it looked like the iPhone (4.2.6) was authenticating successfully, but after that it was booted off.

After scouring the web I failed to find anyone with my particular dilemma, where their regular VPN was working fine but the iPhone wouldn't connect.   I finally solved this after reviewing this:

Configuration for iPhone

It turns out that the transform set attached to our Crypto Map used DES for encryption and MD5 for authentication, whereas the iPhone's built-in Cisco IPsec client does not offer single DES at all; it needs at least 3DES with MD5.  That also explains the symptom in the logs: IKE phase 1 (authentication) succeeded, but the phase 2 proposal from the phone had nothing in common with the DES-only transform set, so the ASA dropped the session.  After adding a new IPsec Transform Set with Tunnel mode, 3DES and MD5, and attaching it to our Crypto Map, voilà ... the iPhone started connecting through the VPN.

Steps from Cisco ASDM 6.2:

- Click Configuration > Remote Access VPN
- Under Remote Access VPN
        Expand Network (Client) Access
                Advanced
                        IPSec
                                Crypto Maps (check here which transform set is being used)
                                IPSec Transform Sets (check Mode, ESP Encryption and ESP Authentication for the transform set selected under Crypto Maps)


If none of the transform sets on the map has 3DES & MD5, just create another transform set, e.g. 'iPhone', and select Tunnel, 3DES & MD5 as its values.  After that go back to Crypto Maps, edit the map and add the new transform set to it.  Click OK and Apply.  Note that leaving the original DES set on the map keeps the existing clients working, but it also means the ASA will still accept single DES from any client that proposes it; DES is a weak cipher, so if all your clients support 3DES or AES, prefer replacing the DES set rather than merely adding the new one alongside it.
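The ASDM clicks above are equivalent to a few `crypto ipsec transform-set` and `crypto dynamic-map ... set transform-set` lines in the ASA running-config.  As an added example (not from the original post, and not Cisco's tooling), here is a small Python checker that parses that part of a `show running-config crypto` dump and reports, per dynamic crypto map, whether it offers a transform set the iOS client can negotiate and whether it still offers single DES.  The embedded config is constructed for this example; the transform-set and map names (ESP-DES-MD5, ESP-3DES-MD5, iPhone, OLD_DYN_MAP, SYSTEM_DEFAULT_CRYPTO_MAP, outside_map) are assumptions, and the set of encryption transforms treated as acceptable to iOS (3DES and AES) generalizes the post's 3DES finding.

```python
import re

# Constructed sample of the relevant part of an ASA 8.2 running-config,
# assumed for this example (names are illustrative, not from the post).
# OLD_DYN_MAP offers only single DES, which the iOS client will not
# negotiate; SYSTEM_DEFAULT_CRYPTO_MAP has had the 'iPhone' 3DES/MD5 set
# added alongside the DES set, as the post describes.  Tunnel mode is the
# default for a transform set, so no extra "mode" line is needed.
SAMPLE_CONFIG = """\
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set iPhone esp-3des esp-md5-hmac
crypto dynamic-map OLD_DYN_MAP 10 set transform-set ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-DES-MD5 iPhone
crypto map outside_map 10 ipsec-isakmp dynamic OLD_DYN_MAP
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
"""

# ESP encryption transforms the iOS Cisco IPsec client will negotiate
# (assumption for this example: 3DES and the AES key sizes; esp-des is
# deliberately absent).
IOS_OK_ENCRYPTION = {"esp-3des", "esp-aes", "esp-aes-192", "esp-aes-256"}
WEAK_ENCRYPTION = {"esp-des", "esp-null"}

TS_RE = re.compile(r"^crypto ipsec transform-set (\S+) (.+)$")
DYN_RE = re.compile(r"^crypto dynamic-map (\S+) (\d+) set transform-set (.+)$")


def parse_transform_sets(config):
    """Return {transform-set name: [esp transforms]} from the config text."""
    sets = {}
    for raw in config.splitlines():
        m = TS_RE.match(raw.strip())
        if not m:
            continue
        name, rest = m.groups()
        # "crypto ipsec transform-set NAME mode transport" only changes the
        # mode of an already-defined set; it carries no transforms.
        if rest.startswith("mode "):
            continue
        sets[name] = rest.split()
    return sets


def parse_dynamic_maps(config):
    """Return {(dynamic-map name, seq): [transform-set names in order]}."""
    maps = {}
    for raw in config.splitlines():
        m = DYN_RE.match(raw.strip())
        if not m:
            continue
        name, seq, ts_names = m.groups()
        maps[(name, int(seq))] = ts_names.split()
    return maps


def audit(config):
    """For each dynamic map entry, return (ios_can_negotiate, weak_sets).

    ios_can_negotiate is True when at least one referenced transform set uses
    3DES or AES; weak_sets lists referenced sets that still offer DES/null.
    """
    sets = parse_transform_sets(config)
    report = {}
    for key, ts_names in parse_dynamic_maps(config).items():
        ios_ok = False
        weak = []
        for ts in ts_names:
            transforms = sets.get(ts)
            if transforms is None:
                continue  # references a set that is not defined; ignore it
            if any(t in IOS_OK_ENCRYPTION for t in transforms):
                ios_ok = True
            if any(t in WEAK_ENCRYPTION for t in transforms):
                weak.append(ts)
        report[key] = (ios_ok, weak)
    return report


if __name__ == "__main__":
    for (name, seq), (ios_ok, weak) in sorted(audit(SAMPLE_CONFIG).items()):
        status = "iOS OK" if ios_ok else "iOS CANNOT NEGOTIATE (no 3DES/AES set)"
        extra = f"; still offers single DES via {', '.join(weak)}" if weak else ""
        print(f"dynamic-map {name} {seq}: {status}{extra}")
```

Feed it the output of `show running-config crypto` instead of SAMPLE_CONFIG to check a real box; the map entry flagged as unable to negotiate is the one that needs the 3DES/MD5 (or AES) set added, and any map listed as still offering DES is a candidate for removing that set once the remaining clients no longer need it.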

If your VPN was configured like mine, the iPhone should now be able to connect.

Please keep in mind that I am a total noob when it comes to Cisco configuration, but the settings I've mentioned worked for me.  I take no responsibility if such settings mess something up in your environment; write down every setting that you modify and revert if it doesn't work for you.  I didn't delete any settings in my environment, just modified the crypto map & added a new transform set.

Hope this helps.
P.S. This was also tested from an iPad, and that works too.