Configuring L2TP VPN servers to work with iOS 14 and macOS Big Sur client devices
Network admins should be aware of L2TP VPN server configuration enhancements for use with iOS 14 and macOS Big Sur client devices.
Starting with iOS 14 and macOS Big Sur, IPsec supports HMAC-SHA-256 with L2TP VPN.
To make sure that VPN client devices running iOS 14 and macOS Big Sur can connect to your L2TP VPN server, configure the server to truncate the output of the SHA-256 hash to 128 bits. Truncating to fewer than 128 bits will result in L2TP VPN failing to connect.
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.