[strongSwan] EAP-AKA authentication without certificate request.
Martin Willi
martin at strongswan.org
Thu Oct 14 12:52:04 CEST 2010
> I'm trying to do eap-aka authentication without responder's certificate.
There is no need to change the code, strongSwan supports the EAP-only
authentication extension, RFC 5998.
To omit certificate authentication, set leftauth=eap on the responder.
There is a scenario with EAP-SIM [1], but it works exactly the same with
EAP-AKA, with or without RADIUS.
To not send a CERTREQ on the client, you may add rightsendcert=no.
Regards
Martin
[1]http://www.strongswan.org/uml/testresults44/ikev2/rw-eap-sim-only-radius/
More information about the Users
mailing list