Hey, reason for this post is that while having issues with native VPN client and GOS, I could not find a correct answer on this forum. So I had to dig a bit more by myself. My iOS device had no problem to connect to OpenBSD iked, while GOS had.
So I leave a working example here. Maybe helps someone else.
Client (built-in VPN client, Android 16, GOS build 2025112101) config:
Type: IKEv2/IPSec PSK
Server: 1.2.3.4
IPSec identifier: whatever_you_want_just_match_on_server_side
IPSec pre-shared key: insert_your_password_here
Server(OpenBSD 7.8, iked.conf):
ikev2 'rwarrior' passive esp \
from any to dynamic \
ikesa enc aes-256 prf hmac-sha2-256 auth hmac-sha2-256 group modp4096 \ <----- GOS wants modp4096, modp2048 (as for iOS) will not work
childsa enc aes-256 auth hmac-sha2-256 group modp4096 \
srcid "1.2.3.4" \ <-------- This one is IMPORTANT, client side does not accept FQDN (srcid "vpn.domain.com" will NOT work)
dstid "whatever_you_want_just_match_on_server_side" \
psk "insert_your_password_here" \
config name-server 10.78.3.2 \
config address 10.78.4.0/24
Good luck!