The USG1100 must join an AD domain.
In the following example, domain name is usg.com.
Go to CONFIGURATION > System > DNS > Address/PTR Record and add a record.
In this example, the IP of AD server is 10.214.48.71.
Go to AAA Server > Active Directory > AD object. Configure Domain Authentication for MSChap.
The user in this field should be “domain admin” privilege on your AD server.
IKEv2 is established with AD account successfully.