[strongSwan] How to configure Strongswan4.6.4/5.x with "IPSec Hybrid authentication with RSA" support

Martin Willi martin at strongswan.org
Tue Jun 19 10:21:20 CEST 2012


> 1: Does Strongswan support Hybrid Authentication?
> 2: Does Strongswan support Hybrid Authentication with RSA?

Yes, we support Hybrid Mode in our experimental 5.0 pre-release.

> 3: What kind of configration does Strongswan look for when the client
> ask for "HybridInitRSA"?

>        left=linux.hogehoge.jp
>        leftcert=serverCert.pem
>        leftauth=xauth
>        right=%any
>        rightsourceip=
>        rightcert=clientCert.pem
>        rightauth=pubkey

Left seems to be your responder. In Hybrid mode, the responder
authenticates with a public key, the initiator with XAuth only. Try it
the other way round:



More information about the Users mailing list