[strongSwan] strongswan without client certifikate
Thomas
jk at c.vu
Wed Dec 3 14:54:04 CET 2014
Hi,
I'm trying to setup strongswan to acceppt only username and password as
logincredentials.
So, the client do not need any certificate, only his username and password.
Is there any way to do that ?
My actual ipsec.conf is this:
config setup
conn ios
keyexchange=ikev1
authby=xauthrsasig
xauth=server
left=%defaultroute
leftsubnet=0.0.0.0/0
leftfirewall=yes
leftcert=serverCert.pem
right=%any
rightsubnet=10.0.0.0/24
rightsourceip=10.0.0.0/24
rightcert=clientCert.pem
auto=add
conn android
keyexchange=ikev2
left=%defaultroute
leftauth=pubkey
leftsubnet=0.0.0.0/0
leftcert=serverCert.pem
right=%any
rightauth=pubkey
rightsourceip=10.0.0.0/24
rightcert=clientCert.pem
auto=add
conn win7
keyexchange=ikev2
ike=aes256-sha1-modp1024!
esp=aes256-sha1!
dpdaction=clear
dpddelay=300s
rekey=no
left=%any
leftsubnet=0.0.0.0/0
leftauth=pubkey
leftcert=serverCert.pem
right=%any
rightsourceip=10.0.0.0/24
rightauth=eap-mschapv2
rightsendcert=never
eap_identity=%any
auto=add
More information about the Users
mailing list