[strongSwan] How to configure swan server not to use leftauth -- Is this doable?

Mao, Zhiheng zmao at qti.qualcomm.com
Thu Jul 11 07:03:31 CEST 2013


Hi,

I am wondering if I can configure the swan server not to use leftauth? I tied to comment out this parameter in the ipsec.conf, but I am getting
Jul 9 18:14:58 epdg-iwf4 charon: 01[IKE] no private key found for 'vzwadmin'

, and the call setup failed. If I make the leftauth=psk and make the client use the same PSK, then everything works. But my real situation is that client authenticates itself using EAP, and server does not use authentication. 

Here is the ipsec.conf:
rightauth=eap-radius  
#leftauth=psk   # commented out          

Is this doable? Or does this violate certain rules in the spec? Thank you!

Regards,
Zhiheng


More information about the Users mailing list