Hello,
I have created a couple of patches for review. They intoduce creating IPsec roadwarrior connections for Apple devices.
IPsec connections can be easily exported as an XML structure which can be imported into any iOS or macOS device.
Those connections allow that all traffic from that device can be routed through an IPFire instance in a data center and split-horizon VPNs are supported, too.
The configuration is as simple as usual although Apple has some (sane) requirements to certificate lifetimes and really makes sure that they are talking to the correct peer.
I have added a wiki page that explains how the connection needs to be set up:
https://wiki.ipfire.org/configuration/services/ipsec/apple
I would like to encourage everyone to review my patches and test them as well as the provided documentation.
As soon as I have some feedback, I would like to put this patchset forward to be merged into the next Core Update.
Best, -Michael