Thank you very much Martin for the quick patch. Excellent support!<br>I will apply the patch and let you know the outcome.<br><br>Jordan.<br><div class="gmail_quote">On Thu, Jul 26, 2012 at 6:26 AM, Martin Willi <span dir="ltr"><<a href="mailto:martin@strongswan.org" target="_blank">martin@strongswan.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
> Currently missing is the connection fallback, though. So<br>
> if your first connection does not comply, the setup fails without<br>
> switching to a potentially matching connection. I'll try to get this<br>
> implemented ASAP, but this requires some work.<br>
<br>
</div>I've just pushed another patch [1] that implements late peer config<br>
switching if XAuth authentication does not fulfill the configured<br>
constraints, such as group membership. With all these patches applied,<br>
group information from RADIUS now can be used to select configurations<br>
in IKEv1, too.<br>
<br>
Regards<br>
Martin<br>
<br>
[1]<a href="http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=8b560a45" target="_blank">http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=8b560a45</a><br>
<br>
</blockquote></div><br>