In order to leverage IKEv2 within your Apple Configurator environment two areas need to be modified.
First, the root certificate from the Untangle needs to be added under the Certificates option in the Apple Configurator. The Untangle root certificate can be downloaded under Config > Administration > the Certificates tab.
Second, the VPN needs to be configured under the VPN option in the Apple Configurator. The following fields need to be filled out:
- Connection Name - This is a reference name for administrators to quickly identify this VPN
- Connection Type - IKEv2
- Always-on VPN (supervised only) - ticked
- Server - The hostname or IP address of the Untangle
- Remote Identifier - Normally the same as the Server field, hostname or IP of the Untangle
- Local Identifier - Can be left blank and the Apple devices IP address will be used
- Machine Authentication - Certificate
- Enable EAP - ticked
- EAP Authentication - Username/Password
- Account - Username configured under Local Directory on the Untangle
- Password - Password for the above user