DEV Community

Posted on

User needs Always On VPN on iOS

iOS user needs access to a StrongSwan VPN.

Current Solution:
Create a custom .mobileconfig file for IKEv2 from a template. The template was originally create in Apple Configurator. I could create a brand new .mobileconfig file, but getting all the settings right was annoying. For now I just edit the username and password and distribute the .mobileconfig myself.

Planned Future Solution:

  • Enter user's full name into a script.
  • Semi-randomized username (ex. and complex password are generated.
  • Username and password are inserted into the .mobileconfig file.
  • Username and password are added to the /etc/ipsec.secrets file on the VPN server.
  • StrongSwan is restarted.

Example Code Snippet:

Enter fullscreen mode Exit fullscreen mode

Reading all this makes me think that I need to learn our MDM better.

Discussion (0)