[strongSwan] Extra EAP options for Strongswan android app
Tobias Brunner
tobias at strongswan.org
Wed Sep 25 17:21:29 CEST 2013
Hi Lance,
> It is said that the strongswan android app only supports EAP-MSCHAPv2,
> EAP-MD5 and EAP-GTC.
>
> If I build the code myself, can I add extra EAP types to the configure
> script ? -- say EAP-TLS
Theoretically yes, but the EAP-TLS method in particular is not an EAP
method in the app's narrow interpretation.
As the label "IKEv2 EAP (Username/Password)" indicates only EAP methods
that require username/password can currently be used. Methods that
tunnel other EAP methods, like EAP-PEAP or EAP-TTLS would also work if
used without client certificate and if the tunneled method is based on
username/password (EAP-TTLS is actually loaded in the EAP-TNC case).
EAP-TLS is more like the "IKEv2 Certificate" option in terms of
credentials. I suppose an option like "IKEv2 EAP-TLS (Certificate)"
could be added quite easily, if that's something you require.
Regards,
Tobias
More information about the Users
mailing list