I need to find an easy way (multi-click solution) for Mac OS X users to import an IPsec VPN VPN . I have learned that there is a way in Mac OS X prior to export the network connection settings in "System Settings" → "Network" .
When exporting a network connection, a .networkConnect file is created , which contains sensitive data , such as ExportedSharedSecret and ExportedPassword encrypted by some algorithm, and then encoded by the base46.
I am wondering what algorithms are used to encrypt this sensitive data and how can I create such .networkConnect files under linux , so users can download the created .networkConnect files from my server and import the VPN settings in Mac OS X?
Here is an example .networkConnect file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>L2TP</key>
<dict>
<key>UserConfigs</key>
<array>
<dict>
<key>EAP</key>
<dict/>
<key>IPSec</key>
<dict>
<key>AuthenticationMethod</key>
<string>SharedSecret</string>
<key>ExportedSharedSecret</key>
<data>
EPANULrdr4/H5mwY6iBGprwzIYfWG4Ep
</data>
</dict>
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>my_account</string>
<key>AuthPasswordEncryption</key>
<string>Keychain</string>
<key>CommRemoteAddress</key>
<string>192.168.1.8</string>
<key>ExportedPassword</key>
<data>
EPANVaLSgprCymwK5iBH0l/KJ1C3wBkh
</data>
<key>UserDefinedName</key>
<string>my_configuration</string>
</dict>
</dict>
</array>
</dict>
</dict>
</plist>
source
share