Discussion:
Using my laptop/notebook's VPN connection for iPhone 6?
(too old to reply)
Ant
2016-04-13 19:13:22 UTC
Permalink
Hello.

I was told that I could use my work's (notebook/laptop)s' network
connections (VPN) for iPhone 6 (iOS v9.3.1) to use. Basically, I want to
connect iPhone (doesn't comes with a VPN software) to the computer
((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro [early 2013; Mac OS X
v10.10.5/Yosemite])) with its connected VPN on the Internet. How do I do
this? Please note that I am NOT using iPhone as my Internet hotspot. I
am doing it in in reversed.

Thank you in advance. :)
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
nospam
2016-04-13 19:24:25 UTC
Permalink
Post by Ant
I was told that I could use my work's (notebook/laptop)s' network
connections (VPN) for iPhone 6 (iOS v9.3.1) to use. Basically, I want to
connect iPhone (doesn't comes with a VPN software)
yes it does. go to settings>general>vpn and configure it.
Post by Ant
to the computer
((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro [early 2013; Mac OS X
v10.10.5/Yosemite])) with its connected VPN on the Internet. How do I do
this? Please note that I am NOT using iPhone as my Internet hotspot. I
am doing it in in reversed.
set up the laptop as a software base station, aka wireless hotspot. for
the mac, it's in the sharing preference panel under internet sharing.
you will need to connect it to a wired network.
Ant
2016-04-13 19:41:30 UTC
Permalink
Post by nospam
Post by Ant
I was told that I could use my work's (notebook/laptop)s' network
connections (VPN) for iPhone 6 (iOS v9.3.1) to use. Basically, I want to
connect iPhone (doesn't comes with a VPN software)
yes it does. go to settings>general>vpn and configure it.
Interesting. I will have to figure out how my work's IT's VPN software
is set up to match it.
Post by nospam
Post by Ant
to the computer
((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro [early 2013; Mac OS X
v10.10.5/Yosemite])) with its connected VPN on the Internet. How do I do
this? Please note that I am NOT using iPhone as my Internet hotspot. I
am doing it in in reversed.
set up the laptop as a software base station, aka wireless hotspot. for
the mac, it's in the sharing preference panel under internet sharing.
you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
nospam
2016-04-13 20:12:10 UTC
Permalink
Post by Ant
Post by nospam
Post by Ant
to the computer
((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro [early 2013; Mac OS X
v10.10.5/Yosemite])) with its connected VPN on the Internet. How do I do
this? Please note that I am NOT using iPhone as my Internet hotspot. I
am doing it in in reversed.
set up the laptop as a software base station, aka wireless hotspot. for
the mac, it's in the sharing preference panel under internet sharing.
you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
when the wireless side is a hotspot for your phone, the other side,
which connects to the network, must be wired.

if you want the laptop to wirelessly connect to the network, then
you'll need a wired connection from the latop to the other devices.
apple has an ethernet adapter for the ipad pro, but i don't think that
works on the iphone.
Ant
2016-04-13 22:10:12 UTC
Permalink
Post by nospam
Post by Ant
Post by nospam
Post by Ant
to the computer
((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro [early 2013; Mac OS X
v10.10.5/Yosemite])) with its connected VPN on the Internet. How do I do
this? Please note that I am NOT using iPhone as my Internet hotspot. I
am doing it in in reversed.
set up the laptop as a software base station, aka wireless hotspot. for
the mac, it's in the sharing preference panel under internet sharing.
you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
when the wireless side is a hotspot for your phone, the other side,
which connects to the network, must be wired.
Darn. I will need to get an ethernet adapter then.
Post by nospam
if you want the laptop to wirelessly connect to the network, then
you'll need a wired connection from the latop to the other devices.
apple has an ethernet adapter for the ipad pro, but i don't think that
works on the iphone.
So, wired lighting -> MBP's USB won't work as a network connection?
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
nospam
2016-04-13 22:20:57 UTC
Permalink
Post by Ant
So, wired lighting -> MBP's USB won't work as a network connection?
short answer: no.
Ant
2016-04-13 23:21:01 UTC
Permalink
Post by nospam
Post by Ant
So, wired lighting -> MBP's USB won't work as a network connection?
short answer: no.
OK and thanks. I am surprised Apple didn't make that.
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
nospam
2016-04-13 23:36:22 UTC
Permalink
Post by Ant
Post by nospam
Post by Ant
So, wired lighting -> MBP's USB won't work as a network connection?
short answer: no.
OK and thanks. I am surprised Apple didn't make that.
no need.
David Empson
2016-04-13 23:29:24 UTC
Permalink
Post by Ant
Post by nospam
Post by Ant
Post by nospam
to the computer ((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro
[early 2013; Mac OS X v10.10.5/Yosemite])) with its connected VPN
on the Internet. How do I do this? Please note that I am NOT using
iPhone as my Internet hotspot. I am doing it in in reversed.
set up the laptop as a software base station, aka wireless hotspot.
for the mac, it's in the sharing preference panel under internet
sharing. you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
when the wireless side is a hotspot for your phone, the other side,
which connects to the network, must be wired.
Darn. I will need to get an ethernet adapter then.
For your early 2013 MacBook Pro, note that Apple sells both USB and
Thunderbolt versions of the Ethernet adapter.

http://www.apple.com/shop/product/MD463LL/A/thunderbolt-to-gigabit-ethernet-adapter
http://www.apple.com/shop/product/MC704LL/A/apple-usb-ethernet-adapter

The Thunderbolt version's key advantages over the USB one are:

1. Supports Gigabit Ethernet rather than being limited to 100 Mbps.

2. If you often have your USB ports occupied but have a rarely used
Thunderbolt port, it keeps your USB ports free.

I have both adapters, so I can cover all situations (and I sometimes use
the USB adapter on older Macs that don't have a Thunderbolt port).

Your Lenovo Thinkpad may have a built-in Ethernet port, which would save
the cost of an adapter, but that assumes you can work out how to make
Windows share an Internet connection. That is easy to do on a Mac:

System Preferences > Sharing > Internet Sharing.
Choose the "source" from "Share your connection from" menu.
Tick the desired destination ports.
If sharing to Wi-Fi set up security via the Wi-Fi Options button.
Tick the checkbox next to Internet Sharing to enable/disable.
Post by Ant
Post by nospam
if you want the laptop to wirelessly connect to the network, then
you'll need a wired connection from the latop to the other devices.
apple has an ethernet adapter for the ipad pro, but i don't think that
works on the iphone.
So, wired lighting -> MBP's USB won't work as a network connection?
Not in the direction you want. The iPhone has no facility for getting
its Internet connection from a computer via USB, and the computer
probably doesn't have a method to share its connection to the USB port
anyway.


nospam mentioned an Apple adapter to connect an iPad Pro to Ethernet. It
is actually a pair of adapters, which I have, but haven't tried them
with an iPhone yet. Testing now, using my iPhone 6 Plus running iOS
9.3.1.

Yes, it works. My local-only Ethernet doesn't have Internet access, but
the iPhone gets an IP address from my DHCP server, and I can ping my
computer over Ethernet.

The specific combination you need is:

1. Apple Lightning to USB 3 Camera Adapter.

http://www.apple.com/shop/product/MK0W2AM/A/lightning-to-usb-3-camera-adapter

2. Apple USB Ethernet adapter.

http://www.apple.com/shop/product/MC704LL/A/apple-usb-ethernet-adapter

3. Apple USB power adapter and lightning cable.

I tested with 12W and 10W power adapters. I don't have a 5W adapter
handy so can't confirm that it would provide enough power.

The USB 3 version of the camera adapter has a lightning socket, so it
can be powered externally. The power source must be connected, as
without it the iPhone complains about the Ethernet adapter requiring too
much power. That rules out using the original Lighting to USB Camera
Adapter, as it has no power input.

(The extra speed of USB 3 is not accessible to the iPhone, as its
lightning socket only supports USB 2. The only iOS device to date which
can use USB 3 superspeed is the 12.9-inch iPad Pro.)

This isn't a practical solution as it is rather cumbersome and prevents
portable use of the iPhone, plus there is the cost of buying two
adapters (unless you have other uses for them).
--
David Empson
***@actrix.gen.nz
Ant
2016-04-14 02:58:27 UTC
Permalink
Post by Ant
Post by nospam
Post by Ant
Post by nospam
Post by Ant
to the computer
((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook Pro [early 2013; Mac OS X
v10.10.5/Yosemite])) with its connected VPN on the Internet. How do I do
this? Please note that I am NOT using iPhone as my Internet hotspot. I
am doing it in in reversed.
set up the laptop as a software base station, aka wireless hotspot. for
the mac, it's in the sharing preference panel under internet sharing.
you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
when the wireless side is a hotspot for your phone, the other side,
which connects to the network, must be wired.
Darn. I will need to get an ethernet adapter then.
OK, I got an ethernet adapter for ThunderBolt cable from work. I
connected it to both MBP and the wireless router. I told Mac OS X's
sharing to do this:

"Share your connection from: [Thunderbolt Ethernet]"
"To computers using: [Wi-Fi]"

With my workplace's IT's VPN connected on the Internet, I cannot get a
valid IPv4 addresses from its DHCP server, but get something like:
169.254.249.37
255.255.0.0

I tried using both iPhone 6 (iOS v9.3.1) and Samsung Galaxy S6 edge to
connect to this MBP's wifi too.

I also noticed unchecking Mac OS X's "Internet Sharing" disconnects VPN
connection. I noticed VPN software give me a bridge (non-NAT) IP address
like 10.x.x.x. In VMs, they use NAT addresses like 172.16.x.x, 10.0.x.x,
etc. IIRC, IT doesn't allow more than one non-NAT addresses at a time
per machine. :(
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
David Empson
2016-04-14 03:59:40 UTC
Permalink
Post by Ant
Post by Ant
Post by nospam
Post by Ant
Post by nospam
to the computer ((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook
Pro [early 2013; Mac OS X v10.10.5/Yosemite])) with its
connected VPN on the Internet. How do I do this? Please note
that I am NOT using iPhone as my Internet hotspot. I am doing it
in in reversed.
set up the laptop as a software base station, aka wireless
hotspot. for the mac, it's in the sharing preference panel under
internet sharing. you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
when the wireless side is a hotspot for your phone, the other side,
which connects to the network, must be wired.
Darn. I will need to get an ethernet adapter then.
OK, I got an ethernet adapter for ThunderBolt cable from work. I
connected it to both MBP and the wireless router. I told Mac OS X's
"Share your connection from: [Thunderbolt Ethernet]"
"To computers using: [Wi-Fi]"
That won't help you use the VPN from the iPhone. It will be sharing the
local Ethernet, not sharing the VPN to which the computer is connected
(which is presumably running over the local Ethernet).

You'd need to have the VPN showing up as a network interface on the Mac,
and share from the VPN network interface to Wi-Fi.

This can be done with OS X's built-in VPN mechanism, which supports L2TP
over IPSec, PPTP, Cisco VPN or IKEv2.

It might not be possible with third party VPN software that doesn't
manifest the VPN as a network interface.
Post by Ant
With my workplace's IT's VPN connected on the Internet, I cannot get a
169.254.249.37
255.255.0.0
I tried using both iPhone 6 (iOS v9.3.1) and Samsung Galaxy S6 edge to
connect to this MBP's wifi too.
I also noticed unchecking Mac OS X's "Internet Sharing" disconnects VPN
connection.
The VPN client sofware is probably disconnecting on any network
configuration change.
Post by Ant
I noticed VPN software give me a bridge (non-NAT) IP address
like 10.x.x.x. In VMs, they use NAT addresses like 172.16.x.x, 10.0.x.x,
etc. IIRC, IT doesn't allow more than one non-NAT addresses at a time
per machine. :(
OS X's Internet Sharing implements its own NAT (and DHCP) to client
networks (defaulting to 192.168.2.0/24, if I remember right), so if it
is possible to share the VPN's network interface, it should work. The
VPN server will see traffic from the iPhone as if it was coming from the
computer.
--
David Empson
***@actrix.gen.nz
Ant
2016-04-14 11:45:21 UTC
Permalink
Post by David Empson
Post by Ant
Post by Ant
Post by nospam
Post by Ant
Post by nospam
to the computer ((Lenovo Thinkpad's 64-bit W7 EE SP1 & MacBook
Pro [early 2013; Mac OS X v10.10.5/Yosemite])) with its
connected VPN on the Internet. How do I do this? Please note
that I am NOT using iPhone as my Internet hotspot. I am doing it
in in reversed.
set up the laptop as a software base station, aka wireless
hotspot. for the mac, it's in the sharing preference panel under
internet sharing. you will need to connect it to a wired network.
Thanks. Oh, I can't do it wirelessly?
when the wireless side is a hotspot for your phone, the other side,
which connects to the network, must be wired.
Darn. I will need to get an ethernet adapter then.
OK, I got an ethernet adapter for ThunderBolt cable from work. I
connected it to both MBP and the wireless router. I told Mac OS X's
"Share your connection from: [Thunderbolt Ethernet]"
"To computers using: [Wi-Fi]"
That won't help you use the VPN from the iPhone. It will be sharing the
local Ethernet, not sharing the VPN to which the computer is connected
(which is presumably running over the local Ethernet).
You'd need to have the VPN showing up as a network interface on the Mac,
and share from the VPN network interface to Wi-Fi.
Ah. So I can't make iPhone use my computer's VPN then? I assuming this
method would be like proxy servers. :(
Post by David Empson
This can be done with OS X's built-in VPN mechanism, which supports L2TP
over IPSec, PPTP, Cisco VPN or IKEv2.
It might not be possible with third party VPN software that doesn't
manifest the VPN as a network interface.
Ah. So I can't make iPhone use my computer's VPN then? :(
Post by David Empson
Post by Ant
With my workplace's IT's VPN connected on the Internet, I cannot get a
169.254.249.37
255.255.0.0
I tried using both iPhone 6 (iOS v9.3.1) and Samsung Galaxy S6 edge to
connect to this MBP's wifi too.
I also noticed unchecking Mac OS X's "Internet Sharing" disconnects VPN
connection.
The VPN client sofware is probably disconnecting on any network
configuration change.
Post by Ant
I noticed VPN software give me a bridge (non-NAT) IP address
like 10.x.x.x. In VMs, they use NAT addresses like 172.16.x.x, 10.0.x.x,
etc. IIRC, IT doesn't allow more than one non-NAT addresses at a time
per machine. :(
OS X's Internet Sharing implements its own NAT (and DHCP) to client
networks (defaulting to 192.168.2.0/24, if I remember right), so if it
is possible to share the VPN's network interface, it should work. The
VPN server will see traffic from the iPhone as if it was coming from the
computer.
Yeah, this is what I was trying to do. Hmm. I wonder how to force NAT
for iPhone connected to MBP's wifi with its VPN connection. I had no
problems without its VPN connected though.
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
Jolly Roger
2016-04-14 00:10:37 UTC
Permalink
Post by Ant
Post by nospam
Post by Ant
I was told that I could use my work's (notebook/laptop)s' network
connections (VPN) for iPhone 6 (iOS v9.3.1) to use. Basically, I want to
connect iPhone (doesn't comes with a VPN software)
yes it does. go to settings>general>vpn and configure it.
Interesting. I will have to figure out how my work's IT's VPN software
is set up to match it.
Specifically, you need to find out if it's L2TP, PPTP, Cisco IPsec, or
IKEv2, along with the server address and credentials needed to
authenticate (user name, password, shared secret, etc.).
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 00:17:57 UTC
Permalink
Post by Jolly Roger
Post by Ant
Interesting. I will have to figure out how my work's IT's VPN software
is set up to match it.
Specifically, you need to find out if it's L2TP, PPTP, Cisco IPsec, or
IKEv2, along with the server address and credentials needed to
authenticate (user name, password, shared secret, etc.).
Is there a reason SSL is omitted from that list to investigate?
nospam
2016-04-14 00:21:53 UTC
Permalink
Post by VPN user
Post by Jolly Roger
Post by Ant
Interesting. I will have to figure out how my work's IT's VPN software
is set up to match it.
Specifically, you need to find out if it's L2TP, PPTP, Cisco IPsec, or
IKEv2, along with the server address and credentials needed to
authenticate (user name, password, shared secret, etc.).
Is there a reason SSL is omitted from that list to investigate?
because it's not one that's supported.
VPN user
2016-04-14 00:34:58 UTC
Permalink
Post by nospam
Post by VPN user
Is there a reason SSL is omitted from that list to investigate?
because it's not one that's supported.
You're funny.
But, by now, you're eminently predictable (as am I).

You're locked into the Apple way; I'm not.

So, when I ask (giving clear detail of SSL), reply yes, and
most people probably believe you (since you play the marketing
checkbox game).

However, when I ask how that can be, you finally admit no.
Which is the correct answer.

Q: Can the native iOS (or Mac) app handle openvpn SSL VPN?
A: No.
nospam
2016-04-14 00:37:19 UTC
Permalink
Post by VPN user
You're locked into the Apple way; I'm not.
there is *nothing* apple specific about pptp, l2tp, ipsec or ikev2.

they are all industry standard vpn protocols, all in very widespread
use.

very few people care about openvpn. it's not worth the effort to
support it because it's not commonly used.
VPN user
2016-04-14 01:44:49 UTC
Permalink
Post by nospam
there is *nothing* apple specific about pptp, l2tp, ipsec or ikev2.
That's not what I meant (and you know that).
I meant that Apple native apps don't support SSL VPN.
Not on iOS.
Not on Mac.

Luckily, freeware apps *do* exist on both platforms that do support
SSL VPN.
Post by nospam
they are all industry standard vpn protocols, all in very widespread
use.
So is SSL VPN as far as I can tell.
Post by nospam
very few people care about openvpn. it's not worth the effort to
support it because it's not commonly used.
It's not "openvpn"; it's SSL VPN.
Openvpn is just one implementation.

Here's "my" understanding of the most common VPN protocols, but I may
very well be wrong because I use SSL VPN exclusively so I haven't
researched the other VPN protocols as much:

This is from my records of about six months ago:
1. BEST: SSL VPN (Secure Socket Layer)
2. JUST OK: L2TP (Layer 2 Tunnelling Protocol) with IPsec
3. BAD: PPTP (Point-to-Point Tunneling Protocol) from MS

I would need to doublecheck if that assessment above is correct as
I certainly know that PPTP is bad news, but I'm not sure about the
difference between SSL VPN and L2TP with IPSec by way of comparison.

I'll look it up in a moment, so all the above is off the cuff or
from my records of past conversations on a.o.l and elsewhere.
VPN user
2016-04-14 02:02:54 UTC
Permalink
This post might be inappropriate. Click to display it.
VPN user
2016-04-14 02:16:10 UTC
Permalink
Post by VPN user
It's not "openvpn"; it's SSL VPN.
Mea culpa.
I seem to be wrong on that terminology distinction.

I see them use both OpenVPN protocol VPN and SSL protocol VPN
interchangeably, so, I stand corrected of myself.
https://duckduckgo.com/html/?q=difference%20between%20ssl%20vpn%20and%20openvpn%20vpn

So, unless shown otherwise, I'll assume (as you did) that SSL VPN
and OpenVPN VPN are the same thing.

BTW, that search found this article comparing IPSec and OpenVPN:
https://www.darkwirevpn.com/vpns/ipsec-versus-openvpn/

I only *skimmed* the article (I didn't read in depth the half-dozen
previous articles, but my reading comprehension is spectacular, so,
skimming works well for me while it would never work for the likes of
JamieK and some of the others out there with low mental acuity).

It sure seems close to unanimous that Openvpn is better than
IpSec which is better than PPTP; but, as in all deeply technical
issues, it may depend on the specific use and threat model.

Still, I can't find a single article (yet) that says IPSec is
*better* than OpenVPN, so, if you think so, please provide a
reference for me to read (as I've provided you a half dozen).
nospam
2016-04-14 03:38:05 UTC
Permalink
Post by VPN user
Post by nospam
there is *nothing* apple specific about pptp, l2tp, ipsec or ikev2.
That's not what I meant (and you know that).
I meant that Apple native apps don't support SSL VPN.
Not on iOS.
Not on Mac.
completely wrong.

ssl vpn works perfectly fine on ios and mac.

the only difference is you need to download an app and/or profile
rather than go through settings. it's not a big deal.

the apps don't care. the apps don't even know the difference.

as usual, you're trolling.
VPN user
2016-04-14 05:44:39 UTC
Permalink
Post by nospam
Post by VPN user
That's not what I meant (and you know that).
I meant that Apple native apps don't support SSL VPN.
Not on iOS.
Not on Mac.
completely wrong.
ssl vpn works perfectly fine on ios and mac.
the only difference is you need to download an app and/or profile
rather than go through settings. it's not a big deal.
the apps don't care. the apps don't even know the difference.
as usual, you're trolling.
I'm trolling?
Are you crazy?

Sometimes you make sense; but half the time you're a kook.
This time, you're a kook.

Look at my exact words in the quote above:
"Apple native apps don't support SSL VPN."

Now, let me highlight the word *native* for you:
"Apple *native* apps don't support SSL VPN."

You absolutely must comprehend the meaning of that sentence.
Because you say the *same* thing when you say:
"you need to download an app"

Let me highlight the word *download* for you :
"you need to *download* an app"

Now, we're both saying the same thing, using different words.
Yet, you still find time to say "Completely wrong".

You're a kook.
nospam
2016-04-14 15:17:19 UTC
Permalink
Post by VPN user
I'm trolling?
yes
VPN user
2016-04-14 16:44:07 UTC
Permalink
Post by VPN user
I'm trolling?
yes
You're a kook.
Jolly Roger
2016-04-14 16:57:12 UTC
Permalink
Post by VPN user
Post by VPN user
I'm trolling?
yes
You're a kook.
Kook is a word that was used to (accurately) describe you recently, and
now you are trying to recycle the word to use on anyone who calls you
out on your trolls. You're so lame and boring.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 16:59:31 UTC
Permalink
Post by Jolly Roger
You're so lame and boring.
:)
Jolly Roger
2016-04-14 17:07:40 UTC
Permalink
Post by Jolly Roger
You're so lame and boring.
:)
Run along now.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 17:33:44 UTC
Permalink
Post by Jolly Roger
Run along now.
:)
Jolly Roger
2016-04-14 15:54:24 UTC
Permalink
Post by VPN user
Post by nospam
Post by VPN user
That's not what I meant (and you know that).
I meant that Apple native apps don't support SSL VPN.
Not on iOS.
Not on Mac.
completely wrong.
ssl vpn works perfectly fine on ios and mac.
the only difference is you need to download an app and/or profile
rather than go through settings. it's not a big deal.
the apps don't care. the apps don't even know the difference.
as usual, you're trolling.
I'm trolling?
Yep, you always do. Any time anyone mentions VPN here you do this. It's
pathetic and boring.
Post by VPN user
You're a kook.
Look in the mirror.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 16:55:53 UTC
Permalink
Post by Jolly Roger
Yep, you always do. Any time anyone mentions VPN here you do this. It's
pathetic and boring.
I do what?

Someone asks a VPN question entails using an iPhone to connect to VPN
through the computer. He asks the *same* question on the Android group,
by the way, just so you know that his question is generic.

I tell the guy I can't help him connect to his Mac but that nospam
is on the case (as you were) so he was in good hands (but mostly
with David Empson, who knows his stuff and doesn't troll like you
and nospam love to do).

*In addition*, since I have experience getting my mobile devices (both
iOS and Android) on VPN, which is trivial to do, I inform the guy that
if VPN is what he wants on his phone, I showed him exactly what software
to download and where to get the VPN configuration files (if that's
what he really wanted for his Android & iOS devices).

Then the trolls came out of the woodwork, mostly nospam, who has a
chip on his shoulder and says that the OP doesn't need to load the
software I recommended because it's native on the iOS device (which is
an untruth).

So I query nospam on that, since sometimes he knows more than I do,
but he merely confirms that what he stated was not true and then
twists the context and says, in defense of Apple's decision not to
support OpenVPN, that "nobody cares about OpenVPN".

Knowing nospam's trolling techniques, I merely look up to see if that's
the case, where I find that *everyone* (unanimously in fact) recommends
OpenVPN over what Apple provides natively.

Surprised, I report that information, with a half-dozen supporting
URLs, asking where nospam got his information that "nobody cares"
about OpenVPN, asking nospam to simply show a single reference backing
up his claim (since everyone seems to recommend OpenVPN over the
limited types of VPNs that Apple devices natively support).

So, in summary,
1. OP asks question of both Android & iOS groups
2. I show OP another way for the OP to connect the mobile device to VPN
3. Nospam trolls, I rebut the trolls, now you troll, and I rebut yours

Both of you (nospam in particular in this thread), are trolls.
Half the time nospam is a kook; about 1/3 or 1/5 of the time you are a kook.
Thank God Rod and JamieK haven't pitched in! (whew!)

There's something very wrong with you guys, but I still like you
because "my" only goals are to find out information. I'm not here
to socialize (as you guys are). I'm in for a reason, and then out
until there is a reason to be back in (which is simply either to
ask a question (95 times out of a 100) or to help someone else
where I can (5 times out of a 100).

You guys are here to help out 95% of the time and you only ask
questions 5% of the time (because your goals are different than
mine).

The main thing you guys have is this apple chip on the shoulder,
which clouds your judgment. You can't stand anyone with a balanced
view of hardware and software. It irks you to no end such that
you make up stuff (like nobody cares about the most recommended
VPN protocol, simply because Apple doesn't natively support it).
Jolly Roger
2016-04-14 17:07:22 UTC
Permalink
Post by VPN user
Post by Jolly Roger
Yep, you always do. Any time anyone mentions VPN here you do this. It's
pathetic and boring.
I do what?
You troll. It's what you do best. In the case of VPN, you jump into any
thread about VPN to complain that the built-in VPN client in OS X and
iOS doesn't support SSL VPN every chance you get - even when the OP
doesn't care about or need SSL VPN. You are also apparently unaware that
most SSL VPN solutions use web browser sessions for connectivity rather
than a third-party VPN client. This mole hill is nowhere near the
mountain you are desperately trying to make out of it. Troll on if it
helps you feel better about yourself somehow.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 17:25:38 UTC
Permalink
Post by Jolly Roger
You are also apparently unaware that
most SSL VPN solutions use web browser sessions for connectivity rather
than a third-party VPN client.
You kooks attempt the strangest arguments to "justify" Apple's decision
not to include the most often recommended VPN clients on their hardware.

This web-based twist in your argument is just yet another example.
You apparently can only see software that nobody would recommend.
And you use *that* software, that nobody would recommend, as your argument.

In contrast to you, I use the most commonly recommended open-source VPN
clients on Windows, Linux, Android, and iOS, and not one of them is a
web based client (which we all agree, is ridiculous to even *think*
about).

ANDROID FREE OPENVPN CLIENT:
OpenvpnConnect, by OpenVN
https://play.google.com/store/apps/details?id=net.openvpn.openvpn

iOS FREE OPENVPN CLIENT:
OpenVPN Connect By OpenVPN Technologies
https://itunes.apple.com/us/app/openvpn-connect/id590379981

LINUX FREE OPENVPN CLIENT:
$ sudo apt-get install openvpn

WINDOWS FREE OPENVPN CLIENT:
https://openvpn.net/index.php/open-source/downloads.html

I'm not sure what you folks use on Mac OS/Xbut Google found this
free openvpn client for the Mac:
OS/X:
https://tunnelblick.net

So, if the OP simply wants VPN on his Android & iOS mobile devices,
then I showed him a way to do that.

Calling that information trolling says more about the chip on your
shoulder, than it says about me.
nospam
2016-04-14 17:36:03 UTC
Permalink
This post might be inappropriate. Click to display it.
VPN user
2016-04-14 19:23:58 UTC
Permalink
Post by nospam
it works just fine without any issue.
First time you made any sense.
Jolly Roger
2016-04-14 17:56:26 UTC
Permalink
Post by VPN user
Post by Jolly Roger
You are also apparently unaware that
most SSL VPN solutions use web browser sessions for connectivity rather
than a third-party VPN client.
You kooks
Still trying to regurgitate that word after others used it to describe
you. You're so lame and sad.
Post by VPN user
attempt the strangest arguments to "justify" Apple's decision
not to include the most often recommended VPN clients on their hardware.
No justification is needed. The fact is the built-in VPN client handles
the most common needs just fine. In this thread, the OP doesn;t want or
need SSL VPN, but you just can't leave it at that; so you troll every
chance you get. Sad.

[bullshit tripe omitted]
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 19:24:41 UTC
Permalink
Post by Jolly Roger
You're so lame and sad.
:)
Jolly Roger
2016-04-14 08:07:40 UTC
Permalink
Post by VPN user
Post by Jolly Roger
Post by Ant
Interesting. I will have to figure out how my work's IT's VPN software
is set up to match it.
Specifically, you need to find out if it's L2TP, PPTP, Cisco IPsec, or
IKEv2, along with the server address and credentials needed to
authenticate (user name, password, shared secret, etc.).
Is there a reason SSL is omitted from that list to investigate?
L2TP, PPTP, Cisco IPsec, and IKEv2 are the most common in use by employers
in the tech industry in my experience, and are supported by the VPN client
built into OS X and iOS. And as you well know (and are wont to point out
every chance you get as if it is a big deal), if his employer's VPN
requires something other than those listed above, there are third-party
applications he can use instead. Though with SSL VPN very often no
additional tools are needed since connectivity is provided through a web
browser based session.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 13:32:25 UTC
Permalink
Post by Jolly Roger
L2TP, PPTP, Cisco IPsec, and IKEv2 are the most common in use by employers
in the tech industry in my experience, and are supported by the VPN client
built into OS X and iOS. And as you well know (and are wont to point out
every chance you get as if it is a big deal), if his employer's VPN
requires something other than those listed above, there are third-party
applications he can use instead. Though with SSL VPN very often no
additional tools are needed since connectivity is provided through a web
browser based session.
Fair enough.
VPN user
2016-04-13 23:12:24 UTC
Permalink
Basically, I want to connect iPhone (doesn't comes with a VPN software)
I do *not* understand your problem well enough to help you on your
specific problem, which, I see, luckily for you, nospam is helping
you already.

What I can tell you is that, depending on the *type* of VPN, there
is VPN software for iOS.

For example, OpenVPN Connect is free ware that handles many formats.

OpenVPN Connect By OpenVPN Technologies
https://itunes.apple.com/us/app/openvpn-connect/id590379981

There are plenty of freeware VPN servers if you want to test it out,
or, if you have a company supplied config file for your laptop, the
same text config files work on the mobile devices.

I personally have tested this out with openvpn files from vpngate
where the same file works on Android, Linux, Windows, & my iPad.

I don't see why the same text config file wouldn't work with the Mac
or with your iPhone.

For example, try any of these config files on your iPhone with OpenVPN:
http://www.vpngate.net
nospam
2016-04-13 23:15:29 UTC
Permalink
Post by VPN user
What I can tell you is that, depending on the *type* of VPN, there
is VPN software for iOS.
and it's built into ios.
VPN user
2016-04-13 23:27:18 UTC
Permalink
Post by nospam
Post by VPN user
What I can tell you is that, depending on the *type* of VPN, there
is VPN software for iOS.
and it's built into ios.
Thank you for this information.

If that's the case, then it's wonderful; but very many times you say
such things, and they turn out to be checkbox items (so they're true
in a Marketing sense), but that they don't work for the stated tasks.

So, to clarify what you said, I would like to test it out!

I can easily download an SSL openvpn config file from vpngate.net
(I literally have thousands of those config files already) onto
the iPad.

Then what?

Specifically, what default VPN client "app" do I run on my iPad
(iOS 7.1.1) to load that Secure Socket Layer configuration file?
nospam
2016-04-13 23:36:22 UTC
Permalink
Post by VPN user
Specifically, what default VPN client "app" do I run on my iPad
(iOS 7.1.1) to load that Secure Socket Layer configuration file?
settings>general>vpn

choose ipsec, l2tp or pptp and configure as necessary.

ikev2 support was added in ios 9. if you need that, you'll have to
upgrade.
VPN user
2016-04-14 00:19:07 UTC
Permalink
Post by nospam
Post by VPN user
Specifically, what default VPN client "app" do I run on my iPad
(iOS 7.1.1) to load that Secure Socket Layer configuration file?
settings>general>vpn
choose ipsec, l2tp or pptp and configure as necessary.
ikev2 support was added in ios 9. if you need that, you'll have to
upgrade.
Then you agree the native iOS app won't work with SSL openvpn files?
nospam
2016-04-14 00:21:53 UTC
Permalink
Post by VPN user
Post by nospam
Post by VPN user
Specifically, what default VPN client "app" do I run on my iPad
(iOS 7.1.1) to load that Secure Socket Layer configuration file?
settings>general>vpn
choose ipsec, l2tp or pptp and configure as necessary.
ikev2 support was added in ios 9. if you need that, you'll have to
upgrade.
Then you agree the native iOS app won't work with SSL openvpn files?
i never said it did and very few people care about ssl openvpn anyway.
VPN user
2016-04-14 00:37:02 UTC
Permalink
Post by nospam
i never said it did and very few people care about ssl openvpn anyway.
:)
VPN user
2016-04-14 02:38:08 UTC
Permalink
Post by nospam
Post by VPN user
Then you agree the native iOS app won't work with SSL openvpn files?
i never said it did and very few people care about ssl openvpn anyway.
After doing a bit of research, it seems that Apple is way behind on
VPN security, so, it's not surprising that Apple users are likewise
way behind on the latest VPN security.

Turns out that SSL/OpenVPN is, unanimously (so far), *better* than IPSec,
based on my skimming of a half dozen articles in the first page of a
Google search for comparisons of VPNs:

https://www.ivpn.net/pptp-vs-l2tp-vs-openvpn
http://www.giganews.com/vyprvpn/compare-vpn-protocols.html
http://www.howtogeek.com/211329/which-is-the-best-vpn-protocol-pptp-vs.-openvpn-vs.-l2tpipsec-vs.-sstp/
https://www.maketecheasier.com/understanding-various-vpn-connections/
https://www.bestvpnz.com/comparison-of-vpn-protocols-pptp-l2tp-ipsec-sstp-openvpn/

Not one hit shows IPSec better than OpenVPN.

All show, so far anyway, OpenVPN (aka SSL VPN) is better for:
1. Security
2. Flexibility
3. Portability
4. Speed
5. And a few other things.

Can you find a single article that says what Apple offers is better
than OpenVPN in terms of security or flexibility or portability or speed?

These all conclude OpenVPN is better than IPSec overall, so, what
I conclude is that both Apple and its users are way behind if it's
true what you said above that "very few people care about ssl openvpn
anyway".
Jolly Roger
2016-04-14 08:13:40 UTC
Permalink
Post by VPN user
Post by nospam
Post by VPN user
Specifically, what default VPN client "app" do I run on my iPad
(iOS 7.1.1) to load that Secure Socket Layer configuration file?
settings>general>vpn
choose ipsec, l2tp or pptp and configure as necessary.
ikev2 support was added in ios 9. if you need that, you'll have to
upgrade.
Then you agree the native iOS app won't work with SSL openvpn files?
You are fixated on it because you like to troll. Any time anyone brings up
VPN - even when SSL isn't required as is the case here, you troll the
thread complaining that a third-party app is needed for SSL VPN, which is
partly untrue since in many cases SSL VPN is implemented through a web
browser SSL session.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
VPN user
2016-04-14 13:34:46 UTC
Permalink
Post by Jolly Roger
Post by VPN user
Then you agree the native iOS app won't work with SSL openvpn files?
You are fixated on it because you like to troll. Any time anyone brings up
VPN - even when SSL isn't required as is the case here, you troll the
thread complaining that a third-party app is needed for SSL VPN, which is
partly untrue since in many cases SSL VPN is implemented through a web
browser SSL session.
I mentioned to the OP that they could run the client on their phone
if (and only if) the VPN was an OpenVPN SSL VPN.

If not, it doesn't apply, as you noted.

I don't think the OP ever mentioned what type of VPN he's using, and
only once mentioned the Cisco client he's using (which gives us hints),
but that Cisco client supports OpenVPN SSL VPN also.

So, do we actually know what VPN protocol the OP is using?
(Since that type of question always elicits a "yes of corse" type
response in this newsroup only, I'll ask it more precisely:

Which VPN protocol is the OP using?
Ant
2016-04-15 03:28:54 UTC
Permalink
Post by VPN user
Post by Jolly Roger
Post by VPN user
Then you agree the native iOS app won't work with SSL openvpn files?
You are fixated on it because you like to troll. Any time anyone brings up
VPN - even when SSL isn't required as is the case here, you troll the
thread complaining that a third-party app is needed for SSL VPN, which is
partly untrue since in many cases SSL VPN is implemented through a web
browser SSL session.
I mentioned to the OP that they could run the client on their phone
if (and only if) the VPN was an OpenVPN SSL VPN.
If not, it doesn't apply, as you noted.
I don't think the OP ever mentioned what type of VPN he's using, and
only once mentioned the Cisco client he's using (which gives us hints),
but that Cisco client supports OpenVPN SSL VPN also.
So, do we actually know what VPN protocol the OP is using?
(Since that type of question always elicits a "yes of corse" type
Which VPN protocol is the OP using?
I have no idea. :/
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
VPN user
2016-04-15 04:08:13 UTC
Permalink
Post by Ant
Post by VPN user
Which VPN protocol is the OP using?
I have no idea. :/
Well, you (the OP) can figure it out from the traffic that you see.

For example, when I start VPN, the very first line I see output in my
terminal window is the following:

Thu Apr 14 19:22:18 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu
[SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6]
built on Dec 1 2014

There will be hints in your configuration file. From your similar post
on comp.mobile.android, we know you're using both Windows & Mac
"Cisco AnyConnect" and that you're on both iOS & Android, and we
are aware that you are not sure *where* the text config files lie.

Googling for "where to find Cisco AnyConnect config files" on various
desktop operating systems, I find this article:

https://supportforums.cisco.com/discussion/10948346/cisco-client-pcf-file-location

Which implies you'll find the *.pcf files in:
Windows: C:\Programs files\Cisco Systems\VPN Client\Profiles\*.pcf
Linux: /etc/opt/cisco-vpnclient/Profiles/*.pcf
Mac: (unfortunately they don't give an OSX location)

Googling further, I find this Cisco document which has table 40-1:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/svc.html

Which lists the Mac OS/X path in addition to the other desktop OS paths:

Windows Vista
%ALLUSERSPROFILE%\Cisco\Cisco AnyConnect VPN Client\Profile\

Windows XP and 2000
%ALLUSERSPROFILE%/Application Data/Cisco/Cisco AnyConnect VPN Client/Profile/

Linux
/opt/cisco/vpn/profile/

Mac OS X
/opt/cisco/vpn/profile/

If you take a look at that *.pcf file, you will get an idea of the type
of VPN that you are using.

For example, if you pick any *.ovpn file at vpngate.net, you see the very
first line says it's an "OpenVPN 2.0" configuration file.
Ant
2016-04-16 00:55:48 UTC
Permalink
Post by VPN user
I don't know where these configurations are.
Well, you (the OP) can figure it out from the traffic that you see.
For example, when I start VPN, the very first line I see output in my
Thu Apr 14 19:22:18 2016 OpenVPN 2.3.2 x86_64-pc-linux-gnu
[SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6]
built on Dec 1 2014
There will be hints in your configuration file. From your similar post
on comp.mobile.android, we know you're using both Windows & Mac
"Cisco AnyConnect" and that you're on both iOS & Android, and we
are aware that you are not sure *where* the text config files lie.
Googling for "where to find Cisco AnyConnect config files" on various
https://supportforums.cisco.com/discussion/10948346/cisco-client-pcf-file-location
Post by VPN user
Windows: C:\Programs files\Cisco Systems\VPN Client\Profiles\*.pcf
Weird. There is no C:\Programs files\Cisco Systems\. I also checked in
C:\Program Files (x86), but did find its \Cisco Systems\
folder/directory, but no "VPN Client" folder/directory.
Post by VPN user
Linux: /etc/opt/cisco-vpnclient/Profiles/*.pcf
Mac: (unfortunately they don't give an OSX location)
http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/svc.html
Post by VPN user
Windows Vista
%ALLUSERSPROFILE%\Cisco\Cisco AnyConnect VPN Client\Profile\
Windows XP and 2000
%ALLUSERSPROFILE%/Application Data/Cisco/Cisco AnyConnect VPN
Client/Profile/
Post by VPN user
Linux
/opt/cisco/vpn/profile/
I tried these in 64-bit W7 EE SP1, but not found.
Post by VPN user
Mac OS X
/opt/cisco/vpn/profile/
My MBP's /opt/cisco/vpn/'s profile doesn't exist.
Post by VPN user
If you take a look at that *.pcf file, you will get an idea of the type
of VPN that you are using.
For example, if you pick any *.ovpn file at vpngate.net, you see the very
first line says it's an "OpenVPN 2.0" configuration file.
Searching for *.pcf files in Mac OS X v10.10.5 resulted none. I saw a
bunch of *.pcf.gz files from X11's share fonts location.

Searching for *.pcf files in 64-bit W7 EE SP1 resulted none as well.

FYI both AnyConnect Secure Mobility Clients' versions are 4.1.06020.
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
Ant
2016-04-13 23:22:07 UTC
Permalink
Post by VPN user
Basically, I want to connect iPhone (doesn't comes with a VPN software)
I do *not* understand your problem well enough to help you on your
specific problem, which, I see, luckily for you, nospam is helping
you already.
What I can tell you is that, depending on the *type* of VPN, there
is VPN software for iOS.
For example, OpenVPN Connect is free ware that handles many formats.
OpenVPN Connect By OpenVPN Technologies
https://itunes.apple.com/us/app/openvpn-connect/id590379981
There are plenty of freeware VPN servers if you want to test it out,
or, if you have a company supplied config file for your laptop, the
same text config files work on the mobile devices.
I personally have tested this out with openvpn files from vpngate
where the same file works on Android, Linux, Windows, & my iPad.
I don't see why the same text config file wouldn't work with the Mac
or with your iPhone.
http://www.vpngate.net
On computers, they are using
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/index.html
... Will its settings work on iOS' VPN?
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
VPN user
2016-04-13 23:39:10 UTC
Permalink
Post by Ant
On computers, they are using
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/index.html
... Will its settings work on iOS' VPN?
I don't know if I know enough to adequately help you, but watch out for nospam
because he gives the Marketing checkbox answer, which, often is technically
correct, but which is often dead wrong from a pragmatic standpoint.

For example, the Mac comes natively with VPN, so it gets the marketing checkbox,
but that native VPN, I'm told (I don't have a Mac) handles only L2TP with IPSec
or PPTP or Cisco IPSec, but not SSL/TLS (which OpenVPN is).

So, let's work together, although I am *not* an expert, on first figuring out
what that Cisco client you referred to handles.

From my records, here's my "assumption" of what is better and worse (although
your mileage may vary greatly depending on your setup and needs):
1. BEST: SSL VPN (Secure Socket Layer) (uses tun0)
2. JUST OK: L2TP (Layer 2 Tunnelling Protocol) with IPsec (uses tun0)
3. BAD: PPTP (Point-to-Point Tunneling Protocol) from MS (uses ppp0)

Looking at your web site:
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/index.html

Hmmmm... I don't see any mention of "ssl" or "secure socket layer" in the
main page you referred me to.

However, I *do* see SSL listed in this landing page:
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/q-and-a-listing.html

Specifically in this PDF found at that landing page:
http://www.cisco.com/c/dam/en/us/products/collateral/security/anyconnect-secure-mobility-client/at_a_glance_c45-578609.pdf

Where it says (verbatim):
"The industry-leading AnyConnect Secure Mobility Client is a
multifaceted endpoint software product. That means it not only provides
VPN access through Secure Sockets Layer (SSL) and IPsec IKEv2 but
also offers enhanced security through various built-in module".

So, you should be good to go with the vpngate.net SSL config files.
Just remember the *purpose* of vpngate is to avoid censors, so,
it has its pros and cons.

There are *plenty* of other free ware VPN servers out there that
also use SSL if you don't want to use vpngate though, but they
all have their pros and cons.
http://freevpn.me/accounts
https://www.vpnme.me/freevpn.html
http://www.vpnbook.com/freevpn
http://vpn.vpnreactor.com
https://www.vpnoneclick.com
http://freeusvpn.itshidden.eu
http://www.securitykiss.com
https://www.threatspike.com/portal/register
http://vpngate.net
etc.

Let me know if this helps.

Beware of the help that nospam provides.
Half the time he's right on the mark, where he knows more than I'll
ever know; the other half of the time he's a kook.

You have to actually try out his suggestions to find out whether
he's being intelligent or a kook at any one moment.

He's still worth listening to - but he wastes a *lot* of your time
when he's being a kook (usually it's to defend some Apple decision
that makes no sense in the real world of integrated computers).
Ant
2016-04-14 03:07:08 UTC
Permalink
Post by VPN user
Post by Ant
On computers, they are using
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/index.html
... Will its settings work on iOS' VPN?
I don't know if I know enough to adequately help you, but watch out for nospam
because he gives the Marketing checkbox answer, which, often is technically
correct, but which is often dead wrong from a pragmatic standpoint.
For example, the Mac comes natively with VPN, so it gets the marketing checkbox,
but that native VPN, I'm told (I don't have a Mac) handles only L2TP with IPSec
or PPTP or Cisco IPSec, but not SSL/TLS (which OpenVPN is).
So, let's work together, although I am *not* an expert, on first figuring out
what that Cisco client you referred to handles.
From my records, here's my "assumption" of what is better and worse (although
1. BEST: SSL VPN (Secure Socket Layer) (uses tun0)
2. JUST OK: L2TP (Layer 2 Tunnelling Protocol) with IPsec (uses tun0)
3. BAD: PPTP (Point-to-Point Tunneling Protocol) from MS (uses ppp0)
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/index.html
Hmmmm... I don't see any mention of "ssl" or "secure socket layer" in the
main page you referred me to.
http://www.cisco.com/c/en/us/products/security/anyconnect-secure-mobility-client/q-and-a-listing.html
http://www.cisco.com/c/dam/en/us/products/collateral/security/anyconnect-secure-mobility-client/at_a_glance_c45-578609.pdf
"The industry-leading AnyConnect Secure Mobility Client is a
multifaceted endpoint software product. That means it not only provides
VPN access through Secure Sockets Layer (SSL) and IPsec IKEv2 but
also offers enhanced security through various built-in module".
So, you should be good to go with the vpngate.net SSL config files.
Just remember the *purpose* of vpngate is to avoid censors, so,
it has its pros and cons.
There are *plenty* of other free ware VPN servers out there that
also use SSL if you don't want to use vpngate though, but they
all have their pros and cons.
http://freevpn.me/accounts
https://www.vpnme.me/freevpn.html
http://www.vpnbook.com/freevpn
http://vpn.vpnreactor.com
https://www.vpnoneclick.com
http://freeusvpn.itshidden.eu
http://www.securitykiss.com
https://www.threatspike.com/portal/register
http://vpngate.net
etc.
Let me know if this helps.
Beware of the help that nospam provides.
Half the time he's right on the mark, where he knows more than I'll
ever know; the other half of the time he's a kook.
You have to actually try out his suggestions to find out whether
he's being intelligent or a kook at any one moment.
He's still worth listening to - but he wastes a *lot* of your time
when he's being a kook (usually it's to defend some Apple decision
that makes no sense in the real world of integrated computers).
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
VPN user
2016-04-16 19:52:19 UTC
Permalink
Here is one way to use the company VPN on your mobile devices; but
*you* have to do your preliminary homework to find out what type of
VPN your company uses, and where the VPN configuration file resides.

We can't do that for you.

Here are the simple steps to getting your company VPN on your phone.

SUMMARY:
1. Find the work vpn configuration text file
2. Read that file to find out what type of VPN you have
3. Find any client that handles that type of VPN
Voila! (It's usually that easy.)

DETAILS:
1. In other posts, I noticed you were already looking for the company
text setup configuration file, so that's good. You have to find it
or you can't go further! (Ask your IT department where it lies.)

2. Looking at that file, you should be able to tell what kind of VPN
you have, but, if not, just ask your IT department what kind of VPN
you are using. They will definitely know.

Depending on what they tell you, here is my personal assessment of
the various major VPNs out there, based mostly on reading *recent*
articles comparing them side by side:

*THE BEST BY FAR:*
SSL VPN (Secure Socket Layer) (open) (TCP/UDP)
OpenVPN defaults to the Blowfish 128 bit CBC cipher.
I recommend AES-128-CBC or AES-256-CBC depending on your speed vs. security needs.

*VERY GOOD:*
IKEv2 VPN tunneling protocol using IPsec Tunnel Mode protocol over UDP port 500.
Good for moving from one IP address to another.

*JUST OK:*
SSTP (Secure Socket Tunneling Protocol) (proprietary)
Uses TCP port 443

*BARELY OK:*
L2TP (Layer 2 Tunnelling Protocol,no encryption) paired with
IPsec (Internet Protocol security) encryption (open) (UDP)
Snowden reveals the NSA deliberately compromised IPSec.
Easily blocked since it runs on UDP port 500.
IPsec typically authenticates using Internet Key Exchange (IKE) protocol.

*ABSOLUTE WORST:*
PPTP (Point-to-Point Tunneling Protocol) from MS (proprietary)

3. Once you now the *type* of VPN, all you need to find is a client for
the mobile device that *handles* that type of VPN.

For example, if it's the best VPN (SSL), then there are plenty of free
clients on every platform:

ANDROID:
Install the free app "OpenVPN Connect", by "OpenVPN" from Google Play.
https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en

iOS:
Install "OpenVPN Connect", by "OpenVPN Technologies" on the Apple App Store.
https://itunes.apple.com/us/app/openvpn-connect/id590379981

Linux:
$ sudo apt-get install openvpn
$ yum install openvpn

Mac OS/X:
Download the free "tunnelblick" graphic user interface for OpenVPN on OS X
https://tunnelblick.net/
(You can pay $9 for Viscosity if you enjoy spending money on apps.)

Windows:
Download the 32-bit or 64-bit XP or Vista-and-above free open-source openvpn client.
https://openvpn.net/index.php/download/community-downloads.html

It's really that easy to get VPN on your mobile device.
I've done it using *thousands* of different VPN files.
You can too.

You just need to do your homework.
a. Ask your IT department what type of VPN you are using.
b. Ask your IT department where your vpn configuration files lie.
c. Copy those files to your phone
d. Load those files with the appropriate VPN client software.
Voila. Your phone will be on VPN.
Ant
2016-04-17 01:12:15 UTC
Permalink
Thanks. IT wants my department to pay for VPN for mobile devices which
my department instead of telling me where tyhe configurations are.
Hence, why I am trying to find a way to proxy with my computers that do
have VPN access. Department doesn't want to pay for them due to limited
budgets. Ugh. I guess I can't do my work with mobile devices then. Their
losses.
Post by VPN user
Here is one way to use the company VPN on your mobile devices; but
*you* have to do your preliminary homework to find out what type of
VPN your company uses, and where the VPN configuration file resides.
We can't do that for you.
Here are the simple steps to getting your company VPN on your phone.
1. Find the work vpn configuration text file
2. Read that file to find out what type of VPN you have
3. Find any client that handles that type of VPN
Voila! (It's usually that easy.)
1. In other posts, I noticed you were already looking for the company
text setup configuration file, so that's good. You have to find it
or you can't go further! (Ask your IT department where it lies.)
2. Looking at that file, you should be able to tell what kind of VPN
you have, but, if not, just ask your IT department what kind of VPN
you are using. They will definitely know.
Depending on what they tell you, here is my personal assessment of
the various major VPNs out there, based mostly on reading *recent*
*THE BEST BY FAR:*
SSL VPN (Secure Socket Layer) (open) (TCP/UDP)
OpenVPN defaults to the Blowfish 128 bit CBC cipher.
I recommend AES-128-CBC or AES-256-CBC depending on your speed vs. security needs.
*VERY GOOD:*
IKEv2 VPN tunneling protocol using IPsec Tunnel Mode protocol over UDP port 500.
Good for moving from one IP address to another.
*JUST OK:*
SSTP (Secure Socket Tunneling Protocol) (proprietary)
Uses TCP port 443
*BARELY OK:*
L2TP (Layer 2 Tunnelling Protocol,no encryption) paired with
IPsec (Internet Protocol security) encryption (open) (UDP)
Snowden reveals the NSA deliberately compromised IPSec.
Easily blocked since it runs on UDP port 500.
IPsec typically authenticates using Internet Key Exchange (IKE) protocol.
*ABSOLUTE WORST:*
PPTP (Point-to-Point Tunneling Protocol) from MS (proprietary)
3. Once you now the *type* of VPN, all you need to find is a client for
the mobile device that *handles* that type of VPN.
For example, if it's the best VPN (SSL), then there are plenty of free
Install the free app "OpenVPN Connect", by "OpenVPN" from Google Play.
https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en
Install "OpenVPN Connect", by "OpenVPN Technologies" on the Apple App Store.
https://itunes.apple.com/us/app/openvpn-connect/id590379981
$ sudo apt-get install openvpn
$ yum install openvpn
Download the free "tunnelblick" graphic user interface for OpenVPN on OS X
https://tunnelblick.net/
(You can pay $9 for Viscosity if you enjoy spending money on apps.)
Download the 32-bit or 64-bit XP or Vista-and-above free open-source openvpn client.
https://openvpn.net/index.php/download/community-downloads.html
It's really that easy to get VPN on your mobile device.
I've done it using *thousands* of different VPN files.
You can too.
You just need to do your homework.
a. Ask your IT department what type of VPN you are using.
b. Ask your IT department where your vpn configuration files lie.
c. Copy those files to your phone
d. Load those files with the appropriate VPN client software.
Voila. Your phone will be on VPN.
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.
Loading...