IKEv2 Connection to Untangle using Apple Configurator Profile

[rnatalli]

I'm a pfSense user and dabbling with Untangle which I like so far, but having trouble setting one particular item up. Under pfSense, I have multiple IOS devices connecting via IKEv2; I chose IKEv2 because its ability to aggressively reconnect and also it allows for "On Demand" rules by manually editing Apple Configurator files. Here's how a peer generally connects using DDNS:

iPhone --> ddns.ddns.net (DDNS) --> Verizon FIOS (192.168.1.1) --> Untangle (Router Mode, WAN: 192.168.1.234, LAN: 192.168.2.1)

Unfortunately, the FIOS router I have doesn't allow bridging so I have to double NAT and DMZ, but this has never caused an issue with my pfSense setup. I can get this to work via Xauth and L2TP so I know its reaching the network, but it won't connect with IKEv2 using a tunnel. Based on Untangle's article on this topic, it would seem this should work. With pfSense, I've done this by adding a .p12 file in addition to the CA and Server certificates in Apple Configurator, but that doesn't seem possible with Untangle so I'm using username/password. I keep receiving a user authentication error so I'm sure there's something wrong with my tunnel setup. Given the information above, any help on what I should include in the tunnel setup would be appreciated. Thanks for the help!



Sent from my iPhone using Tapatalk

 

[rnatalli]

This is driving me nuts. Anybody have an idea?


Sent from my iPhone using Tapatalk

 

[rnatalli]

After some back and forth with Untangle Support, it seems an IOS update along the way may have broken this functionality. Looks like IPSec, L2TP, and OpenVPN are the only options for now.