Scattered among the "hexadecimal sorcery" is actually a lot of useful information, just ignore the rows with the hex and read the rest.Anyone knows how to configure ipsec logging to have more meaningful information? Setting up ipsec,debug,!packet includes lots of hexadecimal sorcery but no useful information
It used to be 24 minutes, maybe Apple has further shortened the time? viewtopic.php?t=205790Anyone has this working and would share their settings for proposal & profile?
I had to create a dedicated proposal and configure the Apple clients to use responder ID (I don't remember the field name in the iOS form though):
/ip ipsec proposal
add auth-algorithms="" enc-algorithms=aes-256-gcm lifetime=23m19s name=apple pfs-group=ecp256
/ip ipsec policy group
add name=apple
/ip ipsec policy
add group=apple proposal=apple template=yes
/ip ipsec identity
add auth-method=eap-radius certificate=letsencrypt-autogen_2024-10-24T00:35:26Z,LetsEncryptR11 generate-policy=port-strict mode-config=apple my-id=fqdn:apple.inc peer=ike2-responder policy-template-group=apple
Statistics: Posted by sindy — Tue Dec 31, 2024 7:08 pm