[strongSwan] Windows 7 <-> strongswan constraints error
Martin Willi
martin at strongswan.org
Tue Jul 29 14:20:46 CEST 2014
Hi,
> "constraint check failed: peer not authenticated by CA 'C=GR, [...]
> rightca="C=GR, [...]"
> rightauth=eap-tls
Unfortunately, enforcing CA and other PKI constraints is currently not
supported with EAP(-TLS) authentication. It only works for direct IKE
certificate authentication.
For Windows clients, this means you'd have to use machine certificates
(or drop your CA constraint).
Regards
Martin
More information about the Users
mailing list