Specifying the Authentication for an L2TP VPN Connection
After specifying the description, server, and account name for an L2TP VPN connection, set up the authentication by following these steps:
- Choose whether to use a password or an RSA SecurID token for authentication:
- RSA SecurID: If the VPN connection uses an RSA SecurID token for authentication, move the RSA SecurID switch to On to use it. The iPad or iPhone then hides the Password field, because the connection uses the token instead of a password.
- Password: If the VPN connection uses a password rather than a certificate for authentication, you can enter it here and have the iPad or iPhone provide it automatically each time the user connects. For greater security, you can leave the password area blank so that the user must enter the password manually for each connection. This helps prevent unauthorized use of the iPad's or iPhone's VPN connection, but the user will likely find typing in the password laborious, especially if it uses letters, numbers, and symbols (as a strong password should).
- In the Secret field, type the preshared key, also called the shared secret, for the VPN. This preshared key is the same for all users of the VPN (unlike the account name and password, which are unique to the user).
- Leave the Send All Traffic switch set to On (the default position) if you want to send all the Internet traffic over the VPN connection rather than sending only those parts destined for the network to which you're connected via the VPN. When Send All Traffic is on, all your Internet connections go to the VPN server; when it is off, Internet connections to parts of the Internet other than the VPN go directly to those destinations.
Specifying the Authentication for a PPTP VPN Connection
After specifying the description, server, and account name for a PPTP VPN connection, set up the authentication by following these steps:
- Choose whether to use a password or an RSA SecurID token for authentication:
- RSA SecurID: If the VPN connection uses an RSA SecurID token for authentication, move the RSA SecurID switch to On to use it. The iPad or iPhone then hides the Password field, because the connection uses the token instead of a password.
- Password: If the VPN connection uses a password rather than a certificate for authentication, you can enter it here and have the iPad or iPhone provide it automatically each time the user connects. For greater security, leave the password area blank so that the user must enter the password manually for each connection. You'll need to balance security against convenience here, especially if the password is a strong one that will require the user to switch keyboards between letters, numbers, and symbols to type.
- Leave the Encryption Level setting set to Auto to have the iPad or iPhone try 128-bit encryption (the strongest) first, then weaker 40-bit encryption, and then None. Choose Maximum if you know you must use 128-bit encryption only. Choose None only for testing-for example, when you're struggling to get the VPN working.
- Leave the Send All Traffic switch set to On (the default position) if you want to send all the Internet traffic over the VPN connection rather than sending only those parts destined for the network to which you're connected via the VPN. When Send All Traffic is on, all your Internet connections go to the VPN server; when it is off, Internet connections to parts of the Internet other than the VPN go directly to those destinations.
In this tutorial:
- iPad and iPhone Users Remote Access to the Network
- Planning How to Connect the iPad and iPhone to Your VPN
- Setting Up the iPad and iPhone to Connect to the VPN
- Specifying the Authentication for an L2TP VPN
- Specifying the Authentication for a PPTP VPN
- Specifying the Authentication for an IPSec VPN
- Specifying the Authentication for a Cisco AnyConnect VPN
- Enabling VPN On Demand for VPN Connections
- Setting Up a VPN Connection Manually
- Specifying the Authentication for an L2TP VPN Connection
- Specifying the Authentication for an IPSec VPN Connection
- Using a VPN
- Troubleshooting VPNs
- Remote Control of Computers on Your Network