Is there any way to do IKEv2 only using EAP-RADIUS on Apple clients?

  • I have a RADIUS server set up on my pfSense box set to use Google Authenticator. I'd like to have my mobile users log in with their username and password/PIN
    +Google Authenticator rotating number which is plenty of authentication for us. All of the step by step tutorials I see for working VPN configs on iOS/OSX only use certificates and I have to generate a unique user certificate for every user.

    Is it possible to do what I'm trying to do with IKEv2? I know IKEv1 can do a preshared secret and then use EAP-RADIUS but IKEv1 seems flaky on pfSense + Apple products.

Log in to reply