The solution is actually very simple:

 
Take the l2tp solution of centos 7 as an example:
Modify the "sha2-truncbug=yes" in the file /etc/ipsec.conf to "sha2-truncbug=no"
You can implement the official Apple solution "Configure the server to truncate the output of SHA-256 hash to 128 bits".
 
shutdown -r now Restart the server and it will be ok, and your iphone can connect to l2tp.