On 26/02/13 23:38, Fiederling, Daniel wrote: > Hi, > > I'm currently working on a prototype vpn setup which aims to connect a large > number of iPads to our company network. My goal is to connect the iPads via > the built-in Cisco-compatible IPsec client with authby=rsasig without xauth. > The main reason for not using xauth is that the devices are centrally managed > by a mdm system which allows to configure the vpn profile and certificates. > We don't want our users to input a password upon every connect and as far as > I know Apple doesn't allow to preconfigure user/pass for xauth. Using PSK > isn't a solution for use due to the large number of devices. Hi Daniel,
You can actually 1) disable xauth by including XAuthEnabled=0 in the mdm profile's ipsec section 2) include the user/pass in the profile by including XAuthName and XAuthPassword in the profile - It is not possible to disable xauth via the iOS interface itself; only via a profile. - even if you don't preconfigure the user/pass for xauth, iOS will save them after the first successful connect. Regards, Peter _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
