diff options
Diffstat (limited to 'data/templates/ipsec/ios_profile.tmpl')
-rw-r--r-- | data/templates/ipsec/ios_profile.tmpl | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/data/templates/ipsec/ios_profile.tmpl b/data/templates/ipsec/ios_profile.tmpl index 49e8b0992..af6c79d6e 100644 --- a/data/templates/ipsec/ios_profile.tmpl +++ b/data/templates/ipsec/ios_profile.tmpl @@ -58,35 +58,29 @@ <!-- The client uses EAP to authenticate --> <key>ExtendedAuthEnabled</key> <integer>1</integer> -{% if ike_proposal is defined and ike_proposal is not none %} <!-- The next two dictionaries are optional (as are the keys in them), but it is recommended to specify them as the default is to use 3DES. IMPORTANT: Because only one proposal is sent (even if nothing is configured here) it must match the server configuration --> <key>IKESecurityAssociationParameters</key> -{% for ike, ike_config in ike_proposal.items() %} <dict> <!-- @see https://developer.apple.com/documentation/networkextension/nevpnikev2encryptionalgorithm --> <key>EncryptionAlgorithm</key> - <string>{{ ike_config.encryption | upper }}</string> + <string>{{ ike_encryption.encryption }}</string> <!-- @see https://developer.apple.com/documentation/networkextension/nevpnikev2integrityalgorithm --> <key>IntegrityAlgorithm</key> - <string>{{ ike_config.hash | upper }}</string> + <string>{{ ike_encryption.hash }}</string> <!-- @see https://developer.apple.com/documentation/networkextension/nevpnikev2diffiehellmangroup --> <key>DiffieHellmanGroup</key> - <integer>{{ ike_config.dh_group | upper }} + <integer>{{ ike_encryption.dh_group }}</integer> </dict> -{% endfor %} -{% endif %} -{% if esp_proposal is defined and esp_proposal is not none %} <key>ChildSecurityAssociationParameters</key> -{% for esp, esp_config in esp_proposal.items() %} <dict> <key>EncryptionAlgorithm</key> - <string>{{ esp_config.encryption | upper }}</string> + <string>{{ esp_encryption.encryption }}</string> <key>IntegrityAlgorithm</key> - <string>{{ esp_config.hash | upper }}</string> + <string>{{ esp_encryption.hash }}</string> + <key>DiffieHellmanGroup</key> + <integer>{{ ike_encryption.dh_group }}</integer> </dict> -{% endfor %} -{% endif %} </dict> </dict> <!-- This payload is optional but it provides an easy way to install the CA certificate together with the configuration --> |