How Do I Fix The VPN Configuration Download?






If you configure an IPSec VPN Remote Access VPN on a USG FLEX H series, you have the option for a “VPN Configuration Download for Native VPN Client” for Windows, iOS/macOS, and Android (strongSwan).
The iOS/macOS download produced an Apple style .mobileconfig profile. Since it did not work on one of the test Macs, I opened it with the Apple Configurator tool.
The Apple Configuration Tool indicated that a required value was missing.
Local Identifier
FQDN, UserFQDN, Address or ASN1DN local identifier
Apple Configurator says the field is[required]
.
But the USG FLEX I've got a router generated .mobileconfig profile for which that field is missing. I’m hoping if I add the correct value to this field, that it will work in some machines that it is not working in.
IKEv2 MDM settings for Apple devices - Apple Support
Found the following on the above Apple site, but I'm still not certain exactly what this value is or where to get it.
Local Identifier
This value should usually match the user/device certificate’s identity (Subject Alternative Name or Subject Common Name), since server implementation may require that match to validate the client’s identity.
Rather than wait for a bug fix, I'd like to put in the right value. But, I'm not sure exactly what goes here, or how to get it.
All Replies
Categories
- All Categories
- 418 Beta Program
- 2.6K Nebula
- 163 Nebula Ideas
- 110 Nebula Status and Incidents
- 5.9K Security
- 339 USG FLEX H Series
- 287 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 260 Service & License
- 403 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 82 Security Highlight