23 August 2011

Apple iPhone PPTP VPN implementation

Getting an Apple device on your network can be a complicated task.  You can however very easily connect your iPhone to your network via a PPTP VPN.

VPN Settings
Because of the device limitations you can only really implement a simple VPN for them to use.  The nice thing about this is that it is such a standard that just about any device can use this VPN.  Windows XP / Vista  / Windows 7 /  Mac OS X / Android...

Configure your TMG or RAS VPN as follows:

  • Protocol  - PPTP
  • Authentication Method  - MS-CHAPv2


Configure your iPhone
The Following need to be configured on the iPhone

  • Settings
  • General
  • Network
  • VPN
  • Add VPN configuration
  • PPTP
  • Description
  • Server - Public DNS or IP
  • Account - Windows Login domain\username
  • Password
  • Encryption Level - Auto
  • Send All Traffic - On
  • Proxy
  • Auto
  • URL http://proxyserver.domain/wpad.dat
  • Save


Connect to the VPN
To connect initially you need to do the following.


  • Settings
  • General
  • Network
  • VPN
  • VPN - Slide to ON
When the VPN is connected you will see a small VPN indicator in the top right corner.

When the iPhone goes to sleep the VPN is disconnected.




Testing
There is no default DNS suffix you can specify (like you can with an Android VPN connection) so you always need to use the FQDN.  This can be somewhat of a problem if all your internal; sites are linked to with simple host names excluding the domain suffix.


To test the proxy, browse to an internet site.  Since we selected the "Send All Traffic" option, the request should be routed to your proxy.  You might be prompted for credentials.  In my case I went to a site that I have configured to block.  This verifies that the traffic is routed via the proxy.




Conclusion
The native support for a Microsoft VPN standard is very useful.  It does not allow for advanced VPN configuration, but at the very least you can connect knowing it is with secure protocols.

No comments:

Post a Comment