summaryrefslogtreecommitdiff
path: root/data/templates/ipsec/ios_profile.tmpl
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/ipsec/ios_profile.tmpl')
-rw-r--r--data/templates/ipsec/ios_profile.tmpl20
1 files changed, 7 insertions, 13 deletions
diff --git a/data/templates/ipsec/ios_profile.tmpl b/data/templates/ipsec/ios_profile.tmpl
index 49e8b0992..af6c79d6e 100644
--- a/data/templates/ipsec/ios_profile.tmpl
+++ b/data/templates/ipsec/ios_profile.tmpl
@@ -58,35 +58,29 @@
<!-- The client uses EAP to authenticate -->
<key>ExtendedAuthEnabled</key>
<integer>1</integer>
-{% if ike_proposal is defined and ike_proposal is not none %}
<!-- The next two dictionaries are optional (as are the keys in them), but it is recommended to specify them as the default is to use 3DES.
IMPORTANT: Because only one proposal is sent (even if nothing is configured here) it must match the server configuration -->
<key>IKESecurityAssociationParameters</key>
-{% for ike, ike_config in ike_proposal.items() %}
<dict>
<!-- @see https://developer.apple.com/documentation/networkextension/nevpnikev2encryptionalgorithm -->
<key>EncryptionAlgorithm</key>
- <string>{{ ike_config.encryption | upper }}</string>
+ <string>{{ ike_encryption.encryption }}</string>
<!-- @see https://developer.apple.com/documentation/networkextension/nevpnikev2integrityalgorithm -->
<key>IntegrityAlgorithm</key>
- <string>{{ ike_config.hash | upper }}</string>
+ <string>{{ ike_encryption.hash }}</string>
<!-- @see https://developer.apple.com/documentation/networkextension/nevpnikev2diffiehellmangroup -->
<key>DiffieHellmanGroup</key>
- <integer>{{ ike_config.dh_group | upper }}
+ <integer>{{ ike_encryption.dh_group }}</integer>
</dict>
-{% endfor %}
-{% endif %}
-{% if esp_proposal is defined and esp_proposal is not none %}
<key>ChildSecurityAssociationParameters</key>
-{% for esp, esp_config in esp_proposal.items() %}
<dict>
<key>EncryptionAlgorithm</key>
- <string>{{ esp_config.encryption | upper }}</string>
+ <string>{{ esp_encryption.encryption }}</string>
<key>IntegrityAlgorithm</key>
- <string>{{ esp_config.hash | upper }}</string>
+ <string>{{ esp_encryption.hash }}</string>
+ <key>DiffieHellmanGroup</key>
+ <integer>{{ ike_encryption.dh_group }}</integer>
</dict>
-{% endfor %}
-{% endif %}
</dict>
</dict>
<!-- This payload is optional but it provides an easy way to install the CA certificate together with the configuration -->