topic Re: iOS VPN and Identity Certificates in General Topics

iOS VPN and Identity Certificates

jambulo — Thu, 24 May 2012 13:28:05 GMT

We are testing Certificate Based Auth + User Based Auth for iOS VPN. Is it best practice to export a unique Identity(Client) Certificate for each user/device? Or is it common to use the same Identity Certificate for everyone? Security wise, it would be better to use unique certificates, but managing them may be hassle. We are also looking into Mobile Iron if that'll help ease things.

Re: iOS VPN and Identity Certificates

bnelson — Thu, 24 May 2012 14:02:36 GMT

We use the same Identity certificate for end user devices, for ease of management. We do have detailed instructions for configuring iOS to function with Global Protect, you can download them here: https://support.paloaltonetworks.com/index.php?option=com_pan&task=dl_tech_doc&filename=GlobalProtect-Config-Apple-iOS-RevB.pdf

Ben