Hello,
I wanted to give an update to the list about some recent improvements to IPSec
support in Apple’s operating systems. Apple has released the public betas for
iOS 9 and OS X El Capitan today, available at beta.apple.com
<http://beta.apple.com/>.
As part of these releases, we have extended support for IKEv2, and have made
IKEv2 the default VPN type. Here is a brief summary of what has changed for
these releases:
- IKEv2 is now manually configurable for both iOS and OS X, and is now the
default VPN type when adding new VPN configurations. We support manual
configuration of EAP-MSCHAPv2, EAP-TLS, no-EAP certificate auth, and no-EAP
shared secret auth. We also support configuring IKEv2 using a configuration
profile, which provides many more options for different authentication types,
crypto algorithms, and enabling/disabling features.
- We now enable MOBIKE (RFC 4555) by default
- We now support IKEv2 Message Fragmentation (RFC 7383)
- We now support server redirect (RFC 5685)
- We support suite-B crypto algorithms
I encourage anyone who is interested to download the betas and try out IKEv2!
If you have feedback or questions, please send them my way. I’ll also be
attending the meeting in Prague.
Best,
Tommy Pauly
Core OS Networking, Apple
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
