Hi,
here is the connection profile:
aaa authentication via connection-profile "Mobile-Conn-Prof"
server addr "x.x.com" internal-ip 10.x.x.x desc "LAN" position 0
auth-profile "Cert" position 0
tunnel address 10.x.x.x netmask 255.248.0.0
split-tunneling
ikev2-policy "20"
ike-policy "Default RAP 10002"
no windows-credentials
ikev2-proto
ikev2auth eap-tls
ipsec-cryptomap map "default-ikev2-dynamicmap" number 10000
enable-supplicant
auth_domain_suffix
no domain-pre-connect
no validate-server-cert
dns-suffix-list "123.com"
support-email "123.com"
This forwards all traffic to *.123.com only the first time the profile gets downloaded and connected it works. It doesn't work - reproducable - if i restart the phone and connect again.
Thanks for suggestions - maybe this is a apple problem ... dunno :(