<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
<br class="">
<div>
<blockquote type="cite" class="">
<div class="">On Mar 24, 2015, at 7:49 AM, Martin Willi <<a href="mailto:martin@strongswan.org" class="">martin@strongswan.org</a>> wrote:</div>
<div class=""><br class="">
</div>
</blockquote>
...<br class="">
<blockquote type="cite" class="">
<div class="">
<blockquote type="cite" class="">I would like to use EAP-GTC authentication with the Mac app and would<br class="">
be willing to modify the app to add this feature.<br class="">
</blockquote>
<br class="">
The new build additionally comes with the eap-gtc plugin.<br class="">
<br class="">
Regards<br class="">
Martin<br class="">
<br class="">
[1]<a href="http://download.strongswan.org/osx/strongswan-5.3.0-1.app.zip" class="">http://download.strongswan.org/osx/strongswan-5.3.0-1.app.zip</a><br class="">
<br class="">
</div>
</blockquote>
</div>
<br class="">
<div class=""><br class="">
</div>
<div class="">
<div class="">Has anyone gotten the StrongSwan Mac app to work using EAP-GTC authentication?</div>
<div class=""><br class="">
</div>
<div class="">Here my configuration: </div>
<div class=""> VPN gateway - StrongSwan v5.3.0 running on Centos 6.6</div>
<div class=""> Remote access client - StrongSwan Mac app v5.3.0 (1) on OS X 10.10.2</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">When the Mac app initiates a connection, everything works fine until the server requests EAP_GTC. From the Mac app log:</div>
<div class=""><br class="">
</div>
<div class="">
<div class="">parsed IKE_AUTH response 2 [ EAP/REQ/GTC ]</div>
<div class="">server requested EAP_GTC authentication (id 0xDF)</div>
<div class="">EAP method not supported, sending EAP_NAK</div>
</div>
<div class=""><br class="">
</div>
<div class="">The Mac app returns EAP_NAK and everything shuts down.</div>
</div>
<div class=""><br class="">
</div>
<div class="">The org.strongswan.charon-xpc file contains strings from the EAP-GTC plugin so should be running the correct code:</div>
<div class=""><br class="">
</div>
<div class="">
<div style="margin: 0px; font-family: Courier; background-color: rgb(226, 225, 227);" class="">
$ strings /Applications/strongSwan.app/Contents/Library/LaunchServices/org.strongswan.charon-xpc | grep -i gtc</div>
<div style="margin: 0px; font-family: Courier; background-color: rgb(226, 225, 227);" class="">
EAP_GTC</div>
<div style="margin: 0px; font-family: Courier; background-color: rgb(226, 225, 227);" class="">
received invalid EAP-GTC message</div>
<div style="margin: 0px; font-family: Courier; background-color: rgb(226, 225, 227);" class="">
%s.plugins.eap-gtc.backend</div>
<div style="margin: 0px; font-family: Courier; background-color: rgb(226, 225, 227);" class="">
creating EAP-GTC XAuth backend '%s' failed</div>
<div style="margin: 0px; font-family: Courier; background-color: rgb(226, 225, 227);" class="">
eap-gtc</div>
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">Everytime I run it, the load_method call on line 413 of <span style="background-color: rgb(226, 225, 227); font-family: Courier;" class="">libcharon/sa/ikev2/authenticators/eap_authenticator.c fails.</span></div>
</body>
</html>