Bug #13878
closedIPsec Profile Wizard/Apple: Generated profile does not contain the correct ``AuthenticationMethod`` for IKEv2 EAP configurations
100%
Description
When importing a profile for EAP-MSCHAPv2 for example, the AuthenticationMethod
is set to Certificate
when it should be None
. We set ExtendedAuthEnabled
properly.
As a result the imported profile defaults to trying cert auth until the user edits the connection and adds their username/password.
I'm not sure if this is a recent change or what, I seem to recall it working OK in the past. The reference doc from Apple isn't too clear on some aspects here, so it probably needs testing of each type (e.g. non-EAP, EAP user auth, EAP TLS) to ensure they all behave as expected.
Updated by Jim Pingle almost 2 years ago
- Subject changed from Apple IPsec profile export is not setting the correct AuthenticationMethod for EAP auth to IPsec Profile Wizard/Apple: Generated profile does not contain the correct ``AuthenticationMethod`` for IKEv2 EAP configurations
Updated by Jim Pingle almost 2 years ago
- Status changed from New to Feedback
Fixed in IPsec Profile Wizard pkg v. 1.1, which has been committed and will be available with the next build.
Updated by Danilo Zrenjanin over 1 year ago
Tested on:
MacOS Version 13.3.1 ipsec-profile-wizard 1.1_1
1. EAP-TLS method - Works with no issues.
2. EAP-Radius method - Works with no issues.
3. EAP-MSChapv2 method - Works with no issues.
I am marking this ticket as resolved.
Updated by Danilo Zrenjanin over 1 year ago
- Status changed from Feedback to Resolved