proposals not match when using iOS 14.01

[aioliahexi]

05[CFG] received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ

05[CFG] configured proposals: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/BLOWFISH_CBC_256/HMAC_SHA1_96/AES_XCBC_96/HMAC_MD5_96/NO_EXT_SEQ
05[IKE] no acceptable proposal found

05[IKE] failed to establish CHILD_SA, keeping IKE_SA

05[ENC] generating IKE_AUTH response 1 [ IDr AUTH CPRP(ADDR DNS DNS) N(AUTH_LFT) N(MOBIKE_SUP) N(NO_ADD_ADDR) N(NO_PROP) ]

05[NET] sending packet: from 172.17.0.2[4500] to 192.168.188.17[4500] (192 bytes)

04[NET] received packet: from 192.168.188.17[500] to 172.17.0.2[500] (432 bytes)

04[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N((16430)) ]

[aioliahexi]

The fix method is quite simple.
Add below single line
esp=aes256-sha256-modp2048
in the ipsec.conf

[maxgorovenko]

Added this line to /etc/ipsec.conf inside docker container, then docker restart container-name, then recreated .mobileconfig file.
May be the last step is not necessary. Thanks.

[Chiorufarewerin]

Just checked, work without recreating .mobileconfig. Thank you.