Mobileconfig IOS IKEv2
IKEv2 EAP-MSCHAPv2
vpn.mobileconfig
Proxy Disabled
IP Adressen und text Daten müssen an die jeweilige Verbindung angepasst werden.
IPsec Proposals auf dem Server
ike=aes256-sha1-modp2048
esp=aes256-sha1-modp2048
><?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>IKEv2</key>
<dict>
<key>AuthName</key>
<string>_Your_Name_</string>
<key>AuthPassword</key>
<string>_Your_Password_</string>
<key>AuthenticationMethod</key>
<string>Certificate</string>
<key>ChildSecurityAssociationParameters</key>
<dict>
<key>DiffieHellmanGroup</key>
<integer>14</integer>
<key>EncryptionAlgorithm</key>
<string>AES-256</string>
<key>IntegrityAlgorithm</key>
<string>SHA-256</string>
<key>LifeTimeInMinutes</key>
<integer>1440</integer>
</dict>
<key>DeadPeerDetectionRate</key>
<string>Medium</string>
<key>DisableMOBIKE</key>
<integer>0</integer>
<key>DisableRedirect</key>
<integer>0</integer>
<key>EnableCertificateRevocationCheck</key>
<integer>0</integer>
<key>EnablePFS</key>
<integer>1</integer>
<key>ExtendedAuthEnabled</key>
<true/>
<key>IKESecurityAssociationParameters</key>
<dict>
<key>DiffieHellmanGroup</key>
<integer>14</integer>
<key>EncryptionAlgorithm</key>
<string>AES-256</string>
<key>IntegrityAlgorithm</key>
<string>SHA-256</string>
<key>LifeTimeInMinutes</key>
<integer>1440</integer>
</dict>
<key>LocalIdentifier</key>
<string>_Your_Ident_</string>
<key>RemoteAddress</key>
<string>_1.1.1.1_</string>
<key>RemoteIdentifier</key>
<string>_Remote_Ident_</string>
<key>ServerCertificateIssuerCommonName</key>
<string>Let's Encrypt Authority X3</string>
<key>SharedSecret</key>
<string>_Password_</string>
<key>UseConfigurationAtributeInternalIPSubnet</key>
<integer>0</integer>
</dict>
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>OnDemandRules</key>
<array>
<dict>
<!-- VPN im Mobilfunknetz aktivieren -->
<key>InterfaceTypeMatch</key>
<string>Cellular</string>
<key>Action</key>
<string>Connect</string>
</dict>
<dict>
<!-- VPN bei ausgewählten WLAN-Netzen deaktivieren -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>SSIDMatch</key>
<array>
<string>_Your_Wifi_Name</string>
<string>_Your_Wifi_Name</string>
</array>
<key>Action</key>
<string>Disconnect</string>
</dict>
<dict>
<!-- VPN bei aktiver WLAN-Verbindung aktivieren -->
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>Action</key
<string>Connect</string>
</dict>
<dict>
<!-- VPN Default state -->
<key>Action</key>
<string>Connect</string>
</dict>
<!-- VPN beim Zugriff auf Heimnetz-Adressen aufbauen -->
<dict>
<key>Action</key>
<string>EvaluateConnection</string>
<key>ActionParameters</key>
<array>
<dict>
<key>Domains</key>
<array>
<string>https://_domain.de_</string>
<string>https://_domain.de_</string>
<string>https://_domain.de_</string>
</array>
<key>DomainAction</key>
<string>ConnectIfNeeded</string>
</dict>
</array>
</dict>
</array>
<key>PayloadDescription</key>
<string>Configures VPN settings</string>
<key>PayloadDisplayName</key>
<string>VPN</string>
<key>PayloadIdentifier</key>
<string>com.apple.vpn.managed.FBFBDEF8-5B16-4863-91C1-7E2A68F848A3</string>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadUUID</key>
<string>425A1628-E99B-4547-966E-5B967CF1F5EA</string>
<key>PayloadVersion</key>
<real>1</real>
<key>Proxies</key>
<dict>
<key>HTTPEnable</key>
<integer>0</integer>
<key>HTTPPort</key>
<integer>3128</integer>
<key>HTTPProxy</key>
<string>1.1.1.1</string>
<key>HTTPSEnable</key>
<integer>0</integer>
<key>HTTPSPort</key>
<integer>3128</integer>
<key>HTTPSProxy</key>
<string>1.1.1.1</string>
</dict>
<key>UserDefinedName</key>
<string>_Name_der_Verbindung</string>
<key>VPNType</key>
<string>IKEv2</string>
<key>VendorConfig</key>
<dict/>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>IKEv2</string>
<key>PayloadIdentifier</key>
<string>C7918ABA-8DE8-40ED-A3AE-994CD40ACE22</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>9697F3C2-FF20-4981-A0C4-AA36BA78EEEA</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>1</integer>
</dict>
</dict>
</plist>
Published
24 April 2018