Whiteangle » 2009

Archive for April, 2009

Configuring the Nokia E71 VPN client for a Cisco system

April 23rd, 2009 | Category: Nokia E71

I embarked on this effort in an effort to syncronise my phone calendar and contacts with the Exchange server at work when I was unable to get the desired 2 way sync over the air using the other tools that are out there at the moment (Google mobile sync, Nokia PC suite etc).

The Nokia VPN client supports a variety of VPN systems which is one of the reasons that it is a nightmare to configure. That coupled with a baffling “Configuration Tool” that lists a raft of parameters and settings, none of which seemed to be mentioned anywhere in the Cisco VPN client that I had on my PC and was trying to emulate.

All I really wanted to configure were

a VPN gateway (IP address)
a Group name
A Group Password
A username
A user password

This proved a lot more difficult than I expected.

It turns out that the terminology I needed to know, that was used on the Nokia VPN configuration tool was

The Cisco VPN that supports Group and User authenticate is “Cisco ASA using Private Shared Key” authorisation – There is a template that you can load which populates most of the settings
Authentication method is Pre Shared key
Identity type is 11 – Vendor specific
Identity Value is the Groupname
The Preshared key is the group password (un-encrypted)
There is nowhere to provide the username/password, you are prompted for this by the client when you connect
This form of authorisation, Group > User is called XAUTH which should be set to TRUE in the tool
I needed to change the Encryption algorithm to 3DES-CBC in both the IPsec settings and the IKE proposals section so I recommend fiddling with this setting if nothing is working
I also changed Send notification in the IKE settings to TRUE but I don’t know if thats important