VPN with IPSec with an iOS Device
The aim was to connect an iPad to an external corporate network via a VPN connection to use the Microsoft Remote Desktop app.
Please consider the following points when using the built-in Cisco IPsec VPN client on your Apple iOS device:-
> Force all Internet traffic to flow through the tunnel.
The VPN client on the iOS device does not support split tunneling.
> Phase 1 setting > Set the Security Associations (SA) Life to 1 hour.
The VPN client on the iOS device is configured to rekey after 1 hour.
> Phase 2 setting > Do not use PFS.
The VPN client on the iOS device does not support Perfect Forward Secrecy (PFS).
For this example I was using a WatchGuard XTM Firewall appliance and I was able to import VPN profile settings using the WatchGuard Mobile VPN app. This allows an administrator to distribute a profile settings file (wgm) via email to end users to apply the VPN profile to their iOS device.
WatchGuard article:- Use Mobile VPN with IPsec with a Mac OS X or iOS Device.