How to configure a CISCO ASA to support the OS X VPN Client

Given that OS X now supports (natively) CISCO IPSec VPN connections I am wondering what the requirements for the VPN configuration are on the remote end?

I have evaluated a number of CISCO devices (in the smaller range, such as the ASA 5505 routers, as well as the RV120W and the WRVS4400N devices) and haven't had a lot of luck getting them to talk to the VPN via the built in Client, however when I use something such as IPSecuritas from Lobotomo I am able to establish a connection without any issues.

So what is the ideal configuration to get this working? I would honestly prefer to not have to install a VPN client on my systems and simply use the built in client.

Solution 1:

Since Apple claims that Cisco VPN is natively supported, and it is explained in detail here, my guess would be a VPN configuration issue or mismatch.

It may be a matter of matching the Remote Access VPN setup to the OSX client, instead of the other way around.

Solution 2:

From my experience, you will have to create a group on the ASA and assign it a password. You then add the user to this group.

In OSX, the account name and password is of the user's. Then under "Authentication Settings" type in the password (shared secret) for the group you configured on the ASA and type in the name of the group in the "Group Name" field.