Got it sorted out. If anyone is interested, the AuthenticationMethod is the local and remote Auth methods, but, if ExtendedAuthEnabled is 1, then AuthenticationMethod is the remote end Auth while the Local end uses EAP(XAUTH) for authentication
On Mon, Jan 13, 2020 at 2:28 PM Felipe Arturo Polanco < [email protected]> wrote: > Hello, > > I'm trying to set up a strongswan client for an IKEv2 server that works > fine over Mac OS. > > They provide this mobileconfig setting but I'm confused since they are > using PSK and Username+password at the same time, does Mac OS X support > multiple authentication rounds in IKEv2? > How would this file translate to a swanctl config? > > <key>IKEv2</key> > <dict> > <key>RemoteIdentifier</key> > <string>myvpn.com</string> > <key>AuthenticationMethod</key> > <string>SharedSecret</string> > <key>SharedSecret</key> > <string>00000000</string> > <key>LocalIdentifier</key> > <string>john003</string> > <key>RemoteAddress</key> > <string>myvpn.com</string> > <key>ExtendedAuthEnabled</key> > <integer>1</integer> > <key>AuthName</key> > <string>john003</string> > <key>AuthPassword</key> > <string>changeme</string> > > Thanks, >
