Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
packetuser
New Contributor

Has anyone successfully deployed IPSEC with IKEv2 for OS X clients?

I can find lots of information about IKEv1 working with OS X clients, but not IKEv2.  Since the Forticlient doesn't support IKEv2, I'm using the native IKEv2 implementation in recent OS X, which I believe is a version of Racoon.  The log output from the client is useless - it just gives me a generic error "Failed to find the VPN app for plugin type com.apple.neplugin.IKEv2".

 

I want to use EAP authentication.  EAP is only configurable on the CLI (at least for 5.2.4, which I'm running).  I've matched the DH groups and encryption settings exactly between the Fortigate and the client.  To tweak the client settings you have to use the Apple Configurator to bake a specialty config that you import into the client, because many of the options aren't accessible on the GUI.

 

So, has anyone gotten this to work? 

1 REPLY 1
Chuck
New Contributor

I have got it to work.

 

all is working except facetime as I used the apple configurator to setup always-on vpn. still figuring that out.

Labels
Top Kudoed Authors