On-Demand, user certificate VPN solution

Hi all,
I've been working on this on and off for the past several months and have not been able to make much headway. For infrastructure, we are using Microsoft AD CS for issuing user certificates and a FortiGate device for the VPN. I am able to create a config profile with SCEP, Certificate, and VPN payloads, and the user certificate is being correctly created. I've been running into trouble figuring out the correct option for the VPN. It sounds like IPsec VPNs on iOS do not support user certificate authentication.

My goal is to have the VPN tunnel brought up when a student is off-campus, using the on-demand feature, and to have them automatically authenticated using a user certificate so they never need to enter their password. Is this even possible? BTW, all iPads will be running the latest version of iOS 10.
