Thanks for your attention.
We do not use that configuration. Please find the mobileconfig below (credentials stripped)
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>IPv4</key>
<dict>
<key>OverridePrimary</key>
<integer>0</integer>
</dict>
<key>PayloadDescription</key>
<string>VPN-Einstellungen konfigurieren, inkl. Authentifizierung.</string>
<key>PayloadDisplayName</key>
<string>VPN</string>
<key>PayloadIdentifier</key>
<string>device.vpn1</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadUUID</key>
<string>11b2c633-5106-47ce-92da-4648bc3d2540</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>Proxies</key>
<dict/>
<key>UserDefinedName</key>
<string>VPN</string>
<key>VPN</key>
<dict>
<key>AuthenticationMethod</key>
<string>Certificate</string>
<key>OnDemandEnabled</key>
<integer>1</integer>
<key>OnDemandRules</key>
<array>
<dict>
<key>Action</key>
<string>Disconnect</string>
<key>InterfaceTypeMatch</key>
<string>WiFi</string>
<key>SSIDMatch</key>
<array>
<string>Placeholder_SSID_hgfwerubUZ#Buerg8J73hwg_1</string>
<string>Placeholder_SSID_hgfwerubUZ#Buerg8J73hwg_2</string>
<string>Placeholder_SSID_hgfwerubUZ#Buerg8J73hwg_3</string>
<string>Placeholder_SSID_hgfwerubUZ#Buerg8J73hwg_4</string>
<string>Placeholder_SSID_hgfwerubUZ#Buerg8J73hwg_5</string>
<string>Placeholder_SSID_hgfwerubUZ#Buerg8J73hwg_6</string>
</array>
</dict>
<dict>
<key>Action</key>
<string>EvaluateConnection</string>
<key>ActionParameters</key>
<array>
<dict>
<key>Domains</key>
<array>
<string>*.fitz.box</string>
</array>
<key>DomainAction</key>
<string>ConnectIfNeeded</string>
</dict>
</array>
</dict>
<dict>
<key>Action</key>
<string>Ignore</string>
</dict>
</array>
<key>PayloadCertificateUUID</key>
<string>77abca45-4018-4108-a0b2-7ddf6403c335</string>
<key>RemoteAddress</key>
<string>DEFAULT</string>
</dict>
<key>VPNSubType</key>
<string>net.openvpn.connect.app</string>
<key>VPNType</key>
<string>VPN</string>
<key>VendorConfig</key>
<dict>
<key>ca</key><string>-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----</string>
<key>cipher</key>
<string>AES-256-CBC</string>
<key>client</key>
<string>NOARGS</string>
<key>dev</key>
<string>tun</string>
<key>inactive</key><string>180 30720</string>
<key>key-direction</key>
<string>1</string>
<key>nobind</key>
<string>NOARGS</string>
<key>persist-key</key>
<string>NOARGS</string>
<key>persist-tun</key>
<string>NOARGS</string>
<key>port</key><string>1194</string>
<key>proto</key>
<string>udp</string>
<key>pull</key>
<string>NOARGS</string>
<key>remote</key><string>example.com</string>
<key>remote-cert-tls</key>
<string>server</string>
<key>tls-auth</key><string>#\n# 2048 bit OpenVPN static key\n#\n-----BEGIN OpenVPN Static key V1-----\n...\n-----END OpenVPN Static key V1-----</string>
<key>tls-client</key>
<string>NOARGS</string>
<key>verb</key>
<string>3</string>
</dict>
</dict>
<dict>
<key>PayloadCertificateFileName</key><string>user:test.p12</string>
<key>PayloadContent</key>
<data>
MIINEQIBAzCCDNcGCSqGSIb3DQEHAaCCDMgEggzEMIIMwDCCB3cGCSqGSIb3DQEHBqCCB2gwggdk
...
AgEAMIIHA==
</data>
<key>PayloadDescription</key>
<string>Sorgt für die Geräte-Authentifizierung (Zertifikat oder Identität).</string>
<key>PayloadDisplayName</key><string>user:test.p12</string>
<key>PayloadIdentifier</key>
<string>device.Zertifikat</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.security.pkcs12</string>
<key>PayloadUUID</key>
<string>77abca45-4018-4108-a0b2-7ddf6403c335</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<key>PayloadDescription</key>
<string>Profile
</string>
<key>PayloadDisplayName</key>
<string>VPN</string>
<key>PayloadIdentifier</key>
<string>device</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>9c725f51-5b19-4d2e-a81e-6505866bd5af</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
The profile is accepted by iOS but loads to the following errors in OpenVPN connect:
Code: Select all
[Aug 31, 2022, 12:27:49] NIP: couldn't parse native profile
[Aug 31, 2022, 12:27:49] EVENT: CONFIG_FILE_READ_ERROR One of ProfileContent, ProfilePath, or ProfileDict must be defined [ERR]
[Aug 31, 2022, 12:27:49] EVENT: DISCONNECT_PENDING
[Aug 31, 2022, 12:27:49] Raw stats on disconnect:
[Aug 31, 2022, 12:27:49] Performance stats on disconnect:
CPU usage (microseconds): 8100
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
The same profiles used to work before updating to 3.3.0/3.3.2.
Any other ideas? Thanks!