The server's host certificate must have a Subject Alt Name that is the same as the server's hostname. If you previously created your server's certificates and did not add a Subject Alt Name when you created them, then you will need to delete them (and any connections using them) and re-create them.
This step assumes that you have not already created your server's certificates. If you have already created your host's certificates, remember that the server certificate must have the hostname as the Subject Alt Name. You might have to recreate your server's certificates.
Unfortunately, the Roadwarrior configuration generated by IPFire will not work out of the box with modern Mac Clients. You must manually edit configuration files to get a working configuration.
conn CONNECTION_NAME leftsendcert=always leftallowany=yes rightdns=10.100.2.1 rekey=no reauth=no