[strongSwan] StrongSwan Windows 8 IKEv2 (Using Agile VPN Client) Problems with 32-Bit version of windows 8.
Paton, Andy
andy.paton at hp.com
Tue Jul 23 15:11:27 CEST 2013
Ah - I missed that... yes that certainly looks like the issue.
Do you know what the Hotfix is? - I tried to search but didn't turn up anything..
Regards,
Andy Paton - Bsc. (Hons), MBCS
Innovation Engineer
-----Original Message-----
From: Martin Willi [mailto:martin at strongswan.org]
Sent: 23 July 2013 14:10
To: Paton, Andy
Cc: users at lists.strongswan.org
Subject: Re: [strongSwan] StrongSwan Windows 8 IKEv2 (Using Agile VPN Client) Problems with 32-Bit version of windows 8.
Hi Andy,
> Win 8 x64 (Successful)
> looking for peer configs matching 10.1.0.2[%any]...10.1.0.1[C=EN,
> O=Corp, OU=Dev, CN=Client]
> Win 8 x86 (Unsucessful)
> looking for peer configs matching
> 10.1.0.2[%any]...10.1.0.1[192.168.211.128]
On x86, the client uses its (internal?) IP address to authenticate. This is not allowed, as strongSwan requires that the identity is contained in the certificate, either as subject or as subjectAltName.
I think this is the known regression coming with unpatched Windows 8
builds: the Agile VPN client uses a wrong identity.
This regression has been fixed by Microsoft using a hotfix. Have you double-checked that this box has all Windows updates installed?
Regards
Martin
More information about the Users
mailing list