Recently I was asked if I could help setup a VPN connection between an Apple iPhone and a Cisco VPN Concentrator 3000, my 1st round of googling didn’t look good, there’s a discussion here complaining about how crap vpn support on the iphone is; further searching lead me to a Cisco document which specifically targets mac clients, this document is for ASA configuration, but if you look carefully* everything you need is in there.

*No, I didn’t get this working 1st time, it took me a good couple of hours of googling, but looking back I can see that all the info is there.

I’ve had a new request in recently, as part of a move to SCEP + Certificates (away from pre-shared keys) a customer has asked if we could use the PKI CA build into Cisco’s router IOS. Now is this is a new idea to me; in the past people have either “plumped” for Microsofts CA implementation or cooked something up themselves with openssl.

Cisco’s IOS Security Guide (you may need a CCO Login) clearly states that it’s possible and that it supports SCEP auto-enrolment, so I thought I’d give it a go!

Found something cool today, a GUI for cisco’s LINUX vpn client.

I’ve tested it & it works as expected, check out the screenshot.

Gnome VPN Dialer Home Page