Meraki

Community

Configuring Always-On IPSec VPN with AD UPN Authentication for iPhones in Meraki SM

RobustMeraki
Getting noticed
‎Dec 6 2024 2:55 AM
‎Dec 6 2024 2:55 AM

Configuring Always-On IPSec VPN with AD UPN Authentication for iPhones in Meraki SM

I would like to briefly describe the issue:
• Our customer had an IPSec VPN connection set up by Noris Network to retrieve emails from an on-premises Exchange server to the iPhones of UmweltBank.
• Authentication should be done both via a distributed certificate on the iPhones (distribution works) and through login with AD user credentials (UPN) and corresponding password.

They have created a VPN profile in Meraki SM (see screenshot). How can they get the UPN of the AD user (= OwnerUsername in SM Owners) into these settings? A variable like $OWNEREMAIL or $OWNERUSERNAME does not work.
Additionally, the VPN connection should be Always On and should not disconnect every time the iPhone is locked. Re-establishing the VPN connection or having to enter the password each time the iPhone is unlocked is not practical.

 

 

RobustMeraki_0-1733482420132.png

 

 

The VPN connection works in general; it’s set up on the admins iPhone and he can retrieve emails after entering his UPN and password.

Labels:
0 Kudos
1 Reply 1
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 6 2024 7:06 PM
‎Dec 6 2024 7:06 PM

I don't know the answer.

 

Check this out:

https://documentation.meraki.com/SM/Profiles_and_Settings/Variables_in_Custom_Apple_Profiles_with_Sy...

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.