Store VPN password on iPhone (3.0) IPSec Client

From Iwan
Jump to: navigation, search

There are plenty of blog posts on how to configure your Cisco ASA in a way so that your iPhone can set up an VPN connection to it.

I personally prefer THIS blog article.

In the earlier days I was able to store my password within the iPhone for my VPN connection towards my ASA, but sinds the 3.0 software came out it is always asking me for a password. When I try to store the password the password field is just greyed out and there is no option on the iPhone to unloch this.

Well I found the solution today! You need to configure this in the device that is your VPN server! In my case this will be the ASA 5505.

Within the remote access group policy attributes page  "group-policy iphone attributes" you need to put in the option "password-storage enable"

When this is done you save the config on the ASA and connect to the VPN once with your iPhone. After you connected once and typed in the password manually and you disconnected again you will be able to enter a password in the settings page of the iPhone IPSEC Client. When done you can simply click on "Save".

It appears that earlier that earlier versions of the VPN client on iPhone OS builds prior to 3.0 did not enforce this.

I have to say this could not be safe to do this in terms of security ... If you leave your iPhone unattended and there are people when know how these things word they can theoretically hack into your private network. I set up my iPhone that it asks for a security code after it went to standby. This way nobody can enter the VPN client without knowing this security code ;-)