Hello guys
I’ve been trying to get IPsec Xauth to work between a Mikrotik Routerboard and iOS for a road warrior setup as described here: https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Road_Warrior_setup_with_Mode_Conf
Looking through the forum I found this thread from 2013: http://forum.mikrotik.com/t/iphones-cisco-vpn-without-split-tunneling-not-working/71975/1
This partially solved my problem; it connects now. Also, after looking at the above wiki page again after reading the forum thread, the remark in the iOS section finally made sense. I never wanted split tunnelling, I just wanted everything to go through the tunnel. So, I never set split include to 0.0.0.0/0 and just ignored that remark, but obviously not selecting this option at all in ROS does actually set 0.0.0.0/0 for split include and thus it was unable to connect. (Making that remark a bit clearer in the wiki might be a good idea – or maybe I was just being unnecessarily complicated.)
Now I still need to get IPsec Xauth on iOS to send everything through the tunnel though. How could I achieve this? And for anybody asking, no, I can’t use L2TP/IPsec nor IKEv2 for many reasons, mainly other devices needing to connect to that same VPN which don’t support anything other than IPsec Xauth.