[strongSwan] Windows 7 Bug ?

Claude Tompers claude.tompers at restena.lu
Mon Jul 12 14:55:30 CEST 2010


Hello Martin,

Thanks for your quick answer.
If a set uniqueids=yes, can this be handled correctly in the previously described scenario ?
If I log in with both computers, both are able to communicate. This is the case both in a NAT'ed and not NAT'ed environment.

kind regards,
Claude


On Monday 12 July 2010 14:38:43 Martin Willi wrote:
> Hi,
> 
> > But where strongswan fills in the EAP username 'ctompers' as ID, which
> > is perfectly logical to me, Windows 7 puts its local IP '10.0.0.101'.
> 
> It is not a bug, but yes, Windows 7 uses the local IP address as IDi,
> whereas strongSwan copies the EAP username to the IKE identity.
> 
> I've heard that SP1 for Windows 7 provides additional options for the
> IDi, but I don't know any details.
> 
> > Is there maybe a config tweak to see the EAP username for Windows 7
> > clients as well ?
> 
> Not at this stage. The configuration selection uses the IKE identities.
> The EAP-Identity is not known yet, but we need a configuration that says
> we should use EAP to authenticate the client.
> 
> The EAP-Identity is shown in "ipsec statusall".
> 
> Regards
> Martin
> 
> 

-- 
Claude Tompers
Ingénieur réseau et système
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.strongswan.org/pipermail/users/attachments/20100712/318985e0/attachment.pgp>


More information about the Users mailing list