I found that the protocol supported by NEPacketTunnelProvider is NETunnelProviderProtocol, or NEProtocol. But how do I use ikev2 or IPSec? For example, certificate verification, shared secret, etc., how do I add these configurations?
But how do I use ikev2 or IPSec? For example, certificate verification, shared secret, etc., how do I add these configurations?
When using NEPacketTunnelProvider this assumes that you will build the protocol implementation by hand because the tunnel hands you the raw IP packets. For example, when you read packets from NEPacketTunnelFlow you would take those packets and implement your own IKEv2 or IPsec stack to encapsulate those packets yourself to talk to your VPN server.
Having said that there also is the option to use NEVPNManager which is considered a personal VPN and not an Enterprise VPN, like NEPacketTunnelProvider. When using NEVPNManager you can then take advantage of using the system provided NEVPNProtocolIPSec and NEVPNProtocolIKEv2 APIs for packet encapsulation.