I have created the VPN profile below with Apple Configuration 2, however when I try to install it from the System Settings, I'm getting the error message below:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>DNS</key>
<dict>
<key>SupplementalMatchDomainsNoSearch</key>
<integer>0</integer>
</dict>
<key>IKEv2</key>
<dict>
<key>AuthName</key>
<string>john</string>
<key>AuthenticationMethod</key>
<string>None</string>
<key>ChildSecurityAssociationParameters</key>
<dict>
<key>DiffieHellmanGroup</key>
<integer>14</integer>
<key>EncryptionAlgorithm</key>
<string>AES-256</string>
<key>IntegrityAlgorithm</key>
<string>SHA2-256</string>
<key>LifeTimeInMinutes</key>
<integer>1440</integer>
</dict>
<key>DeadPeerDetectionRate</key>
<string>Medium</string>
<key>DisableMOBIKE</key>
<integer>0</integer>
<key>DisableRedirect</key>
<integer>0</integer>
<key>EnableCertificateRevocationCheck</key>
<integer>0</integer>
<key>EnableFallback</key>
<integer>0</integer>
<key>EnablePFS</key>
<integer>0</integer>
<key>ExtendedAuthEnabled</key>
<true/>
<key>IKESecurityAssociationParameters</key>
<dict>
<key>DiffieHellmanGroup</key>
<integer>14</integer>
<key>EncryptionAlgorithm</key>
<string>AES-256</string>
<key>IntegrityAlgorithm</key>
<string>SHA2-256</string>
<key>LifeTimeInMinutes</key>
<integer>1440</integer>
</dict>
<key>LocalIdentifier</key>
<string>1.2.3.4</string>
<key>RemoteAddress</key>
<string>1.2.3.4</string>
<key>RemoteIdentifier</key>
<string>1.2.3.4</string>
<key>UseConfigurationAttributeInternalIPSubnet</key>
<integer>0</integer>
</dict>
<key>PayloadDescription</key>
<string>Configure les réglages VPN</string>
<key>PayloadDisplayName</key>
<string>VPN</string>
<key>PayloadIdentifier</key>
<string>com.apple.vpn.managed.E00C3366-E6B6-432F-BBC3-53F7E596F5EE</string>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadUUID</key>
<string>E00C3366-E6B6-432F-BBC3-53F7E596F5EE</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>Proxies</key>
<dict>
<key>HTTPEnable</key>
<integer>0</integer>
<key>HTTPSEnable</key>
<integer>0</integer>
</dict>
<key>UserDefinedName</key>
<string>FOO</string>
<key>VPNType</key>
<string>IKEv2</string>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>vpnB3</string>
<key>PayloadIdentifier</key>
<string>MacBook-Pro.4E18BF67-71DA-4BD4-953F-412A575352EE</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>38B9A4E4-325A-4CF7-A8BC-40D186DDDD2F</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
What's wrong with my profile ?
Removing the DNS entry made it work in my case:
I have used Apple Configurator 2 v2.11.1 back in January 2020:
It did not add this to the profile and the import worked with
- macOS Catalina 10.15.2 and
- macOS Monterey 12.1.
I now use Apple Configurator 2 v2.15 (7A23):
The key is added automatically which makes the import fail on
- macOS Monterey 12.1 (21C52).
There is also a little special thing: If you delete it once, it doesn't come back if you save it again via the Apple Configurator 2. It only shows up in new connections.