[strongSwan] Strongswan+RADIUS secret code problem?
Julian Poschmann
julian.poschmann at rwth-aachen.de
Fri Oct 28 17:10:36 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have similar setup, here two caveeats I had:
1) Windows 7 was not happy with the eap-type the radius server
suggested and quit with error 13801. I had to set "default_eap_type =
mschapv2" in eap.conf. I think Windows 7 only supports eap-mschapv2
for it's ikev2 client. Maybe there is a more elegant way than changing
the default eap type. I haven't looked further into it.
2) There have been license issue with openssl in freedradius under
debian/ubuntu resulting in the repo version being compiled with very
limited functionality. Although it shouldn't have an impact on
eap-mschapv2 (I think), maybe it's worth a try compiling freefradius
yourself.
Regards,
Julian
Am 28.10.2011 06:37, schrieb T Z:
> Hi all,
>
> I'm using Strongswan 4.5.2 (from Debian squeeze-backports) and
> Freeradius 2.1.0 (from Debian stable) to construct an IKEv2 VPN for
> my clients. It seems that Strongswan is connected with Freeradius,
> but client connection just fails. Testing with Windows 7 IKEv2
> client, it prompts "Error 13801: IKE authentication credentials are
> unacceptable."
- --
Julian Poschmann
Josefstr. 126
52080 Aachen-Eilendorf
Telefon: +49 170 3295135
E-Mail: julian.poschmannn at rwth-aachen.de
PGP-ID: 0x7D51DD8B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iEYEARECAAYFAk6qxewACgkQJmSm8H1R3YtLhwCfWyuSXztlTxVFRfOMhLYgW4cz
sjgAn31r+lBORw7Z3P38ZWNn2gtFtoAh
=Vytf
-----END PGP SIGNATURE-----
More information about the Users
mailing list