[strongSwan] "verify_cert off" (racoon) possible in StrongSwan?
michael.holstein at csuohio.edu
Wed Jul 6 20:43:10 CEST 2011
Racoon has a proposal directive of "verify_cert off" (ignore the peer
identity, but still must be signed by a CA in the directory) .. this is
the only way to make borked Android devices connect (since they send
ID_IPV4 as their IKE identity).
Is there a similar directive to make Strongswan do this?
Yes, I realize all the reasons why you wouldn't want to do that, since
Strongswan was built for its certificate support.
Cleveland State University
More information about the Users