[strongSwan] Windows 7 <-> strongswan constraints error
martin at strongswan.org
Tue Jul 29 14:20:46 CEST 2014
> "constraint check failed: peer not authenticated by CA 'C=GR, [...]
> rightca="C=GR, [...]"
Unfortunately, enforcing CA and other PKI constraints is currently not
supported with EAP(-TLS) authentication. It only works for direct IKE
For Windows clients, this means you'd have to use machine certificates
(or drop your CA constraint).
More information about the Users