[strongSwan] How to configure Strongswan4.6.4/5.x with "IPSec Hybrid authentication with RSA" support
Martin Willi
martin at strongswan.org
Tue Jun 19 10:21:20 CEST 2012
Hi,
> 1: Does Strongswan support Hybrid Authentication?
> 2: Does Strongswan support Hybrid Authentication with RSA?
Yes, we support Hybrid Mode in our experimental 5.0 pre-release.
> 3: What kind of configration does Strongswan look for when the client
> ask for "HybridInitRSA"?
> left=linux.hogehoge.jp
> leftcert=serverCert.pem
> leftauth=xauth
> right=%any
> rightsourceip=192.168.246.230/24
> rightcert=clientCert.pem
> rightauth=pubkey
Left seems to be your responder. In Hybrid mode, the responder
authenticates with a public key, the initiator with XAuth only. Try it
the other way round:
leftauth=pubkey
rightauth=xauth
Regards
Martin
More information about the Users
mailing list