Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
!
ASA Version 8.2(2)4
!
ip local pool iphonepool 10.10.10.224-10.10.10.239 mask 255.255.255.240
!
aaa-server partnerauth protocol radius
aaa-server partnerauth (inside) host 10.10.7.100
key ******
aaa-server partnerauth (inside) host 10.10.7.101
key ******
!
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-256-SHA ESP-AES-256-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-128-SHA ESP-AES-128-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto isakmp policy 20
authentication pre-share
encryption aes-256
hash sha
group 5
lifetime 86400
crypto isakmp ipsec-over-tcp port 10000
!
group-policy iphone internal
group-policy iphone attributes
dns-server value 10.10.7.100 10.10.7.102
vpn-tunnel-protocol IPSec
password-storage enable
ipsec-udp enable
ipsec-udp-port 10000
split-tunnel-policy tunnelall
default-domain value lan.local
!
tunnel-group iphone type remote-access
tunnel-group iphone general-attributes
address-pool iphonepool
authentication-server-group partnerauth LOCAL
default-group-policy iphone
tunnel-group iphone ipsec-attributes
pre-shared-key iphonetest
tunnel-group iphone ppp-attributes
authentication ms-chap-v2
!