User Guide
18 Chapter 1 Deploying iPhone and iPod touch
• If you plan to use certificate-based authentication, make sure you have your public
key infrastructure configured to support device and user-based certificates with the
corresponding key distribution process.
• Verify the compatibility of your certificate formats with the device and your
authentication server. For information about certificates, see “Certificates and
Identities” on page 11.
Virtual Private Networks
Secure access to private networks is supported on iPhone, iPod touch, and iPad using
Cisco IPSec, L2TP over IPSec, and PPTP virtual private network protocols. If your
organization supports one of these protocols, no additional network configuration or
third-party applications are required in order to use your devices with your VPN
infrastructure.
Cisco IPSec deployments can take advantage of certificate-based authentication via
industry-standard X.509 certificates. Additionally, certificate-based authentication
allows you to take advantage of VPN On Demand, which provides seamless, secure
wireless access to your enterprise network.
For two-factor token-based authentication, iPhone OS supports RSA SecurID and
CryptoCard. Users enter their PIN and token-generated, one-time password directly on
their device when establishing a VPN connection. For compatible Cisco VPN servers and
recommendations about configurations, see Appendix A.
iPhone, iPod touch and iPad also support shared secret authentication for Cisco IPSec
and L2TP/IPSec deployments, and MS-CHAPv2 for basic user name and password
authentication.
VPN Proxy auto-config (PAC and WPAD) is also supported, which allows you to specify
proxy server settings for accessing specific URLs.
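A small PAC file of the kind referred to above, as an added example that is not part of the original guide. The proxy address and the internal domain suffixes are constructed placeholders, and the fail-closed routing policy is an assumption.

```javascript
// Added example: a proxy auto-config (PAC) file written in ES5, since PAC
// interpreters are often limited. All names below are constructed placeholders.

// Assumed internal DNS suffixes whose traffic must use the corporate proxy.
var INTERNAL_SUFFIXES = ["corp.example.com", "intranet.example.net"];
// Assumed proxy that is reachable only once the VPN is connected.
var INTERNAL_PROXY = "PROXY proxy.corp.example.com:8080";

// True when host equals the suffix or is a subdomain of it. Requiring the
// "." boundary stops "evilcorp.example.com" from matching "corp.example.com",
// which a plain "ends with" comparison would allow.
function hostInDomain(host, suffix) {
  var h = host.toLowerCase().replace(/\.$/, ""); // normalise case, trailing dot
  if (h === suffix) {
    return true;
  }
  return h.length > suffix.length &&
         h.slice(-(suffix.length + 1)) === "." + suffix;
}

// Entry point that every PAC file defines; the return value is the proxy
// directive the client applies to this request.
function FindProxyForURL(url, host) {
  for (var i = 0; i < INTERNAL_SUFFIXES.length; i++) {
    if (hostInDomain(host, INTERNAL_SUFFIXES[i])) {
      // No "; DIRECT" fallback here: if the proxy is unreachable the request
      // fails instead of leaving the device unproxied.
      return INTERNAL_PROXY;
    }
  }
  // All other destinations bypass the proxy.
  return "DIRECT";
}
```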
VPN Setup Guidelines
• iPhone OS integrates with most existing VPN networks, so minimal configuration is
necessary to enable devices to access your network. The best way to prepare for
deployment is to check if your company’s existing VPN protocols and authentication
methods are supported by iPhone.
• Ensure that your VPN concentrators are compatible with standards. It’s also a good idea
to review the authentication path to your RADIUS or authentication server, to make
sure standards supported by iPhone OS are enabled within your implementation.
• Check with your solutions providers to confirm that your software and equipment
are up-to-date with the latest security patches and firmware.










