[strongSwan-dev] problem with local authentication method as NONE

siddesh r siddu049 at gmail.com
Fri Jul 25 06:09:57 CEST 2014


Hi All,

Came across a scenario, where remote authentication method is configured
CERTIFICATE and local authentication method is not configured on GW. In
this case whenever GW receives valid IKE_AUTH request with valid
CERTIFICATE , it is responding back with IKE_AUTH response having
AUTH_PAYLOAD with "auth method" set to "Shared Key Message Integrity Code"
and the value as "NULL". The value is NULL because GW doesn't have "shared
secret".

As per my analysis RFC 5996 doesn't talk about how to handle this scenario.
Please let me know whether this is the accepted way to handle this
scenario, or any different way is there.

Thanks in advance.

Regds,
Siddesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140725/5695b118/attachment.html>


More information about the Dev mailing list