10-01-2013 02:38 AM
Hi,
I have a iphone (ios 7) what i am trying to connect to our global connect vpn setup.
Android have the same problem, and computers using the global connect client is working fine.
This worked fine some time ago, but now I am not able to pass any traffic through the vpn. Looks like there is a issue with default route.
We have not the global connect licens, so are using the Cisco System adapter function.
PA is running 5.0.4
Anyone have this issue, and know how to solve it?
11-13-2013 12:00 PM
I have solved this problem.
Iphone and android have issues with nat, and how to encapsulate esp within a udp-package.
Solved this by insering a reverse proxy before the global protect portal and enabling SNAT.
Now both iphone and android work fine.
Thanks for all help
10-01-2013 07:23 AM
Hello Klumpen,
Per my recent update Iphone 5S model is 64 bit OS and the support for GP is yet to come. But looks like the issue is seen on Android devices too. In that case I would suggest to collect logs on the cell phone from GP client and the logs would share details if the default route details was passed from the portal to the device.
Thanks
10-01-2013 07:30 AM
That's correct. 5s is 64bit OS and currently not supported. Partial support should be made readily available in several days so stay tuned. Full support requires an update to OS from Apple and I believe they are working on that as well.
10-02-2013 02:06 AM
I have iphone 5, and are using the "cisco virtual adapter" vpn, not the global protect client.
This worked fine before.
10-02-2013 10:13 AM
if it worked before check if you have access routes more than 1 or not ?
10-14-2013 11:19 AM
It looks like there is a problem with esp and iphone/android/xauth. Is there any way to force esp to encapsulate into a udp? This is for sure a firewall and a nat issue.
10-14-2013 11:30 AM
Are you using an iPhone 5 or 5s? I have tested X-Auth with IOS7 on the iPhone 5 and I have not seen any issues on both Wifi and LTE connections.
10-15-2013 02:09 AM
Tried both Iphone 4S, 5 and many androids. Android workes sometime fine on wlan, but never 3g.
Iphone works always fine on 3g, but have some issues on wlan.
11-13-2013 12:00 PM
I have solved this problem.
Iphone and android have issues with nat, and how to encapsulate esp within a udp-package.
Solved this by insering a reverse proxy before the global protect portal and enabling SNAT.
Now both iphone and android work fine.
Thanks for all help
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
