Indeed it is possible to use iOS native client for IPSec VPN. NGFW SSL Client is available for MAC and Android, not for iOS.
Assuming you already have IPSec Client VPN configured and you would be running at least 5.9 version the configuration also is simple. Basically right-click on your VPN to select Tools > Export iOS VPN Configuration Profile (same option also in VPN Tunnels tab). This then would need to be imported on iOS device. There exists system "iOS Suite" VPN profile for VPN settings.
If you are using older versions main steps in addition to setting up normal IPSec Client VPN include:
- Create certificate request for client and sign it by CA. Both using Internal IPSec CA and external CA are possible, recommend to use same CA for client cert as for gateway VPN cert.
- Export CA and import both CA and client certs on your iOS device
- In VPN profile used make sure "Sa per Net" and "Allow SA to ANY Network" are selected
Thank you for your answer. I tried to export iOS VPN configuration profile, but I get this error:
"VPN Profile used is not the iOS VPN Profile, users would not be able to login correctly."
I have only Mobile VPN configured (no site to site VPNs), which woks in IPSec ant SSL mode with VPN client (PC and Android) whitout problems. Any ideas what is wrong?
Thanks and BR,
there is the system VPN profile called "iOS Suite", try using that in the VPN.