<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <!-- https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html --> <key>PayloadDisplayName</key> <string>{{ gateway }}</string> <key>PayloadDescription</key> <string>IPSec IKEv2 VPN connection via {{ gateway }}</string> <!-- This is a reverse-DNS style unique identifier used to detect duplicate profiles --> <key>PayloadIdentifier</key> <string>{{ gateway }}</string> <key>PayloadUUID</key> <string>{{ service_uuid }}</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadContent</key> <array> <dict> <key>PayloadIdentifier</key> <string>{{ gateway }}.conf1</string> <key>PayloadUUID</key> <string>{{ conf_uuid }}</string> <key>PayloadType</key> <string>com.apple.vpn.managed</string> <key>PayloadVersion</key> <integer>1</integer> <key>UserDefinedName</key> <string>{{ gateway }}</string> <key>VPNType</key> <string>IKEv2</string> <key>IKEv2</key> <dict> <key>RemoteAddress</key> <string>{{ gateway }}</string> <key>RemoteIdentifier</key> <string>{{ gateway }}</string> <key>LocalIdentifier</key> <string>{{ common_name }}</string> <key>ServerCertificateIssuerCommonName</key> <string>{{ authority.certificate.common_name }}</string> <key>ServerCertificateCommonName</key> <string>{{ gateway }}</string> <key>AuthenticationMethod</key> <string>Certificate</string> <key>IKESecurityAssociationParameters</key> <dict> <key>EncryptionAlgorithm</key> <string>AES-256</string> <key>IntegrityAlgorithm</key> <string>SHA2-384</string> <key>DiffieHellmanGroup</key> <integer>14</integer> </dict> <key>ChildSecurityAssociationParameters</key> <dict> <key>EncryptionAlgorithm</key> <string>AES-128-GCM</string> <key>IntegrityAlgorithm</key> <string>SHA2-256</string> <key>DiffieHellmanGroup</key> <integer>14</integer> </dict> <key>EnablePFS</key> <integer>1</integer> <key>PayloadCertificateUUID</key> <string>{{ p12_uuid }}</string> </dict> </dict> <dict> <key>PayloadIdentifier</key> <string>{{ common_name }}</string> <key>PayloadUUID</key> <string>{{ p12_uuid }}</string> <key>PayloadType</key> <string>com.apple.security.pkcs12</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadContent</key> <data>{{ p12 }}</data> </dict> <dict> <key>PayloadIdentifier</key> <string>{{ authority.certificate.common_name }}</string> <key>PayloadUUID</key> <string>{{ ca_uuid }}</string> <key>PayloadType</key> <string>com.apple.security.root</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadContent</key> <data>{{ ca }}</data> </dict> </array> </dict> </plist>