[strongSwan] IKev1 + eap-tls possible?
WorkingMan
signup_mail2002 at yahoo.com
Tue Sep 17 02:23:02 CEST 2013
Is it possible to make ikev1 client (ex: ios) work with eap-radius and eap-
tls?
Only xauth-eap seems to make ikev1 work with FreeRadius (and accounting, what
I want). In this mode certificate authentication seems to be happening on
strongswan side (not in the RADIUS; like in the case of EAP-TLS + eap-radius).
My requirements
1) I like accounting and unified authentication with RADIUS.
2) I need to support ikev1 (ios, vista, etc)
3) I would like to avoid password (similar to xauth-noauth but for RADIUS) -
should be just certificate authentication
Is my only option to create my own plug-in or patch existing one?
I was thinking xauth-eap works fine except for the password part. Also I would
like the client certificate to be authenticated by RADIUS (so things are
centralized in one place for authentication).
Give me pointers as how I can fix this with a patch.
Thanks
More information about the Users
mailing list