I use the same cert in MacBook and iPhone.
Here's my IPSec conf:
Code: Select all
/ip ipsec mode-config
add address-pool=road-warrior address-prefix-length=32 name=road-warrior
/ip ipsec policy group
add name=road-warrior
/ip ipsec proposal
add auth-algorithms=sha256 enc-algorithms=aes-256-cbc name=road-warrior \
pfs-group=none
/ip ipsec peer
add address=0.0.0.0/0 auth-method=rsa-signature certificate="VPN Server" \
dh-group=modp2048 enc-algorithm=aes-256 exchange-mode=ike2 generate-policy=\
port-strict hash-algorithm=sha256 mode-config=road-warrior passive=yes \
policy-template-group=road-warrior
/ip ipsec policy
add dst-address=10.10.0.0/28 group=road-warrior proposal=road-warrior \
src-address=0.0.0.0/0 template=yes