@VoteForPedro 

i think you need to have sha2 to make it work on android. ER605v1 does not support this.

ER605v2 support sha2 in stand alone, the only device with sha2 support in stand alone and controller mode is ER8411

  @shberge thank you for your reply.

The OC200 is showing me a lot of IKEv2 options as you can see below.

But you think this will not be used/pushed to the TL-R605 v1.0 ?

  @VoteForPedro 

Yepp thats correct ER605v1,v2 and ER7206 use sha1, this settings downt work on this device. only device that work is ER8411. ER605v2 work in stand alone only if you want to test that.

  @shberge 

I do not want to use it as a standalone. 

(strange OC200 is not giving me an prompt / message like 'not supported'. Would be nice, less frustrating)

1) Will the new TL-R605 2.6 solve my problem? so, will it work with OC200 ánd IKEv2?

2) And will it be easy to migrate/replace the TL-R605 v1 with TL-R605 2.6 with OC200? (I think so, because alle settings are pushed from oc200)

 thank you again!

  @VoteForPedro 

1. No ER605v2 sha2 work only in stand alone, only device that support sha2 in controller and stand alone is ER8411

2. Yes this is easy to replace a router

  @shberge 

ER8411 is way to expensive 

I found the specs, and now I can see indeed it only supports MD5 / SHA1 (and no SHA2) 

But would it be possible to have VPN with IKEv2 and SHA1 or MD5 from OC200 (ER605/TLR605)? Or am I missing something again?

  @VoteForPedro 

You have not missing anything, that TP-Link that do dirty work, same thing with ER605v2 SHA2 work only in stand alone

ER605v1 have support for all protocols you se in omada controller except SHA2 section, I don't think anything work on android with SHA1 so you probably need SHA2

I have not tested IPsec on adroid myself.

But you can use OpenVPN on your router, this will work. download OpenVPN client in google store and import ovpn file generated on Omada Contoller

Maybe ER605v1 will support SHA2 in the future. I don't know.