Why we notice the error "There is no certificate in keychain which has VPNagent" on MAC VIA clients
The Certificate Key Access Control List (ACL) allows the VIA VPN Agent to use key from the keychain
without requesting credentials. Certificate Key is used to sign the data while IKE communication.
Perform the following steps to configure the certificate vpnagent or neagent ACL to the users using the Mac VIA client.
1. In Mac OS, select Applications > Utilities > Keychain Access.
2. In the left-pane, under Category select Certificates.
3. In the right-pane, select Users and double-click on the name of the user.
4. Click Access Control.
5. Select the option Confirm before allowing access.
6. Verify vpnagent is listed under Always allow access by these applications:. If vpnagent is not in the list, click + and select the folder /usr/libexec and select vpnagent.
Note :In Mac IOS v.10.10 and later vpnagent has been replaced with NEAgent