This is the latest AnyConnect application for Apple iOS.
Please report any questions to email@example.com.
Please consult with your EMM vendor on configuration changes required to configure this new version if you are not setting it up manually. Samples at: https://community.cisco.com/t5/security-blogs/anyconnect-apple-ios-transition-to-apple-s-latest-vpn-framework/ba-p/3098264
LICENSING AND INFRASTRUCTURE REQUIREMENTS:
You must have an active AnyConnect Plus, Apex or VPN Only term/contract to utilize this software. Use is no longer permitted for older Essentials/Premium with Mobile licensing. AnyConnect may never be used with non-Cisco servers.
Trial AnyConnect Apex (ASA) licenses are available for administrators at www.cisco.com/go/license
AnyConnect for iOS requires Cisco Adaptive Security Appliance (ASA) Boot image 8.0(4) or later.
Per App VPN requires ASA 9.3(2) or later (5500-X/ASAv only) with Plus, Apex or VPN Only licensing and a minimum Apple iOS version of 10.x.
For additional licensing questions, please contact ac-mobile-license-request (AT) cisco.com and include a copy of "show version" from your Cisco ASA.
Licensing Ordering Guide: http://www.cisco.com/c/dam/en/us/products/security/anyconnect-og.pdf
Cisco AnyConnect provides reliable and easy-to-deploy encrypted network connectivity from any Apple iOS by delivering persistent corporate access for users on the go. Whether providing access to business email, a virtual desktop session, or most other iOS applications, AnyConnect enables business-critical application connectivity. Through the use of Datagram Transport Layer Security (DTLS), TCP-based applications and latency-sensitive traffic (such as voice over IP [VoIP]) are provided an optimized communication path to corporate resources.
Additionally, AnyConnect support IPsec IKEv2 with Next Generation Encryption.
- Automatically adapts its tunneling to the most efficient method possible based on network constraints, using TLS and DTLS.
- DTLS provides an optimized connection for TCP-based application access and latency-sensitive traffic, such as VoIP traffic
- Network roaming capability allows connectivity to resume seamlessly after IP address change, loss of connectivity, or device standby
- Wide Range of Authentication Options: RADIUS, RSA SecurID, Active Directory/Kerberos, Digital Certificates, LDAP, multifactor authentication
- Supports certificate deployment using Apple iOS and AnyConnect integrated SCEP
- Compatible with Apple iOS Connect On Demand VPN capability for automatic VPN connections when required by an application
- Policies can be preconfigured or configured locally, and can be automatically updated from the VPN headend
- Access to internal IPv4 and IPv6 network resources
- Administrator-controlled split / full tunneling network access policy
- Per App VPN (TCP and UDP) - MDM controlled
If you are an end-user and have any issues or concerns, please contact your organization’s support department. If you are a System Administrator having difficulties configuring or utilizing the Application, please contact your designated support point of contact.
If you would like to give feedback, suggestions, or leave comments directly to the team, you can reach us on Twitter @anyconnect.
End user license:
General improvements and bug fixes.
Please report any questions or problems to firstname.lastname@example.org.
Please note that in the 4.9 AnyConnect releases certain less secure cipher suites have been removed. If you have difficulty connecting please contact your system administrator.
* For SSL VPN, AnyConnect no longer supports the following cipher suites from both TLS and DTLS:
* DHE-RSA-AES256-SHA and DES-CBC3-SHA
* For IKEv2/IPsec, AnyConnect no longer supports the following algorithms:
* Encryption algorithms: DES and 3DES
* Pseudo Random Function (PRF) algorithm: MD5
* Integrity algorithm: MD5
* Diffie-Hellman (DH) groups: 2, 5, 14, 24
Please see: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect49/release/notes/release-notes-apple-ios-anyconnect-4-9.html#Cisco_Reference.dita_dd92937a-8748-4d79-80fa-e99120b268cc
AnyConnect 4.9 on iOS adds support for multiple tunnels (requires MDM/EMM configuration).
Ratings and ReviewsSee All
Update: it turned out that the ‘unable to import certificate’ was a temporary problem and I was able to import the certificate the next day.
I am no longer able to import certificate for my vpn in this app. (Error message: ‘import PKCS12 failed with error’)
I imported the same certificate to anyconnect on another ipad (ios13)a couple months ago, and to legacy anyconnect on my current ipad (ios11) about a year ago.
But now I can neither delete nor import the certificate in either anyconnect or legacy anyconnect on any of the two ipads.
iOS 14 issues (?)
Using this app for work, but since my upgrade to iOS 14 the app began to block my internet connection. I’m at home, connected to WiFi and connected to anyconnect. I need to walk my dog outside, I take my phone go out, WiFi connection is dropped, LTE is in place - no connection to the internet as well as to my corporate resources (everything was fine on iOS 13, flawless reconnection from/to WiFi <-> mobile network). Now I need to disconnect from my corp gateway (and I’m online again), I connect to corp gateway (enter credentials, second factor etc., more time) and then everything works until I get to WiFi zone, where my phone connects to the hotspot and I’m offline again until I disconnect Cisco.
Same stuff happens in the office now: I go from the corridor to elevator, WiFi drops, LTE lives and I’m offline.
Can’t use the app now as I need to disconnect and reconnect manually now.
Developer Response ,
Apple has resolved this issue in iOS 14.1.
VPN Automatically connects without user permission
At least once daily, at a random time of day, the VPN will connect automatically and with no notification that it has done so. The little VPN logo just pops up on the top left all of a sudden. Considering a VPN routes all traffic through Cisco's network, this is an unacceptable privacy invasion. Also annoying bc there are random websites like 9to5mac that are blocked by Cisco and before I realized what was happening, was confused as to why it wasn't loading suddenly. The only way to prevent this is to delete the app between uses and reinstall. Before using the VPN for the first time each install, it won't auto connect so I basically avoid this app like the plague.
I do work at Cisco and yes it does. Something is turning it on without me opening any Cisco apps including any connections so this is because of Cisco not another IT department
Developer Response ,
AnyConnect does not automatically connect; it is only triggered by the UI or by On-Demand or Per-App VPN profiles configured on the device. If these profiles are pushed to your device by your IT department we have no control over that. Also, the VPN traffic does not go over Cisco's network (unless you work for Cisco); it travels through your own corporate network to which you are connecting.
With Family Sharing set up, up to six family members can use this app.