[strongSwan] StrongSwan Windows 8 IKEv2 (Using Agile VPN Client) Problems with 32-Bit version of windows 8.
andy.paton at hp.com
Tue Jul 23 15:11:27 CEST 2013
Ah - I missed that... yes that certainly looks like the issue.
Do you know what the Hotfix is? - I tried to search but didn't turn up anything..
Andy Paton - Bsc. (Hons), MBCS
From: Martin Willi [mailto:martin at strongswan.org]
Sent: 23 July 2013 14:10
To: Paton, Andy
Cc: users at lists.strongswan.org
Subject: Re: [strongSwan] StrongSwan Windows 8 IKEv2 (Using Agile VPN Client) Problems with 32-Bit version of windows 8.
> Win 8 x64 (Successful)
> looking for peer configs matching 10.1.0.2[%any]...10.1.0.1[C=EN,
> O=Corp, OU=Dev, CN=Client]
> Win 8 x86 (Unsucessful)
> looking for peer configs matching
On x86, the client uses its (internal?) IP address to authenticate. This is not allowed, as strongSwan requires that the identity is contained in the certificate, either as subject or as subjectAltName.
I think this is the known regression coming with unpatched Windows 8
builds: the Agile VPN client uses a wrong identity.
This regression has been fixed by Microsoft using a hotfix. Have you double-checked that this box has all Windows updates installed?
More information about the Users