[strongSwan] EAP-AKA authentication without certificate request.

Martin Willi martin at strongswan.org
Thu Oct 14 12:52:04 CEST 2010

> I'm trying to do eap-aka authentication without responder's certificate.

There is no need to change the code, strongSwan supports the EAP-only
authentication extension, RFC 5998.

To omit certificate authentication, set leftauth=eap on the responder.
There is a scenario with EAP-SIM [1], but it works exactly the same with
EAP-AKA, with or without RADIUS.

To not send a CERTREQ on the client, you may add rightsendcert=no.



More information about the Users mailing list