<div dir="ltr">Hi, <div>   We are setting up oath based VPN connection with pam_oath</div><div><br></div><div>I have setup in my local with the Xauth config something like this</div><div><br></div><div>reponder </div><div><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    leftauth=pubkey</span><br style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    rightauth=pubkey</span><br style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    rightauth2=xauth-pam</span><br></div><div><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><br></span></div><div><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">initiator</span></span></div><div><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    leftauth=pubkey</span><br style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    rightauth=pubkey</span><br style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    leftauth2=xauth</span><br style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    xauth=client</span><br style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial"><span style="color:rgba(0,0,0,0.87);font-family:"Roboto Slab","Times New Roman",serif;font-size:14px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(250,250,250);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">    xauth_identity=<username></span><br></span></div><div><br></div><div>and it works well and then I came across the eap-gtc plugin,</div><div>a. can someone advice on why would anyone use eap-gtc when xauth works well for authenticating user/pass. Is it because xauth can use only ikev1 ?</div><div>b. also if I use eap-gtc the <span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">(pam)</span>backend is still xauth-pam right. so why would anyone use it</div><div>c. how do I run ikev1 (xauth) and ikev2 (eap-gtc) at the same time ? any sample configuration will be helpful</div><div><br></div><div>Thanks</div><div><br></div><div><br></div><div><br></div></div>