[strongSwan] ipsec pool file with certificates

Claude Tompers claude.tompers at restena.lu
Thu Oct 28 14:57:02 CEST 2010


Hello,

I want to statically assign IP addresses to roadwarriors. I'm doing this with an address file that I load into the sqlite database.

This works fine for eap authenticated users :

* 192.168.122.254=ctompers
* ikev2    192.168.122.254  expired  Oct 26 09:01:17 2010  Oct 26 09:01:44 2010  ctompers

It does not work for users that authenticate with a certificate :

* 192.168.122.190="C=LU, ST=n/a, L=Luxembourg, O=Fondation RESTENA, CN=Test Certificate"
OR
* 192.168.122.190=C=LU, ST=n/a, L=Luxembourg, O=Fondation RESTENA, CN=Test Certificate

* ikev1    192.168.122.129  valid    Oct 28 14:48:24 2010  Oct 28 14:48:33 2010  C=LU, ST=n/a, L=Luxembourg, O=Fondation RESTENA, CN=Test Certificate

I suppose I use the wrong format for putting the certificate in the file ? How does this work ?

kind regards,
Claude


-- 
Claude Tompers
Ingénieur réseau et système
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.strongswan.org/pipermail/users/attachments/20101028/93a6a78d/attachment.pgp>


More information about the Users mailing list