IKEv2 VPN and Cisco ASA

dfurasek
Here to help

IKEv2 VPN and Cisco ASA

We are attempting to use the Meraki MDM to push a VPN profile to iPads, using the IKEv2 connection type with certificate authentication, and the ultimate goal is to have an always-on remote access VPN connection between the iPad and a Cisco ASA. Detailed documentation for this scenario (both inside and outside of official Meraki resources) is hard to find, and so far, we have been unsuccessful in making this work as intended, after several attempts and even trying to enlist the help of Cisco TAC. I guess my first question is... Has anyone here been able to successfully implement the scenario that I outlined (especially the ASA part), and/or has anyone here even tried? Thanks!

3 Replies 3
rhbirkelund
Kind of a big deal
Kind of a big deal

From what I see, it should be possible by creating a Device Profile, and pushing it to the device.

rbnielsen_0-1612460668322.png

 

But I would probably try reaching out to Meraki Support, rather then Cisco TAC.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

Is there any option to push an actual XML AnyConnect profile?

 

If so, you should be able to use my online tool to make the profile.

https://www.ifm.net.nz/cookbooks/online-anyconnect-profile-editor.html

That gets a lot of what you want.  You'll still need to add the "Always On" part, but if you get get the above bit working first that would be a good start.

 

You should be able to create the profile on the ASA as well.

That'd prolly be the easiest solution!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels