[strongSwan] unable to connect via Ubuntu 12.04 / strongswan-nm / eap-radius
Martin Shemon
Martin.Shemon at parship.com
Wed May 14 19:12:52 CEST 2014
Hi all,
after testing the whole day around there is still no working solution for me.
What we have here:
1 Strongswan Server with IKEv2
1 FreeRadius Server
1 DHCP Server
1 Active Directory Server which is behind the RADIUS Server
Authentication via eap-radius and one type of connection which is working for the most clients.
Goal is to connect and authenticate all clients with the same connectionconfiguration
Working Clients:
Windows 7 x64
Android
MacOS X 10.9
Not working Clients:
Ubuntu 10.04 / 12.04
One question: has anybody such a configuration running ? Problem is that the Ubuntu Clients (with strongswan-nm plugin) do not cconnect cause the phase 2 (EAP-radius) is not working like the windows connection. For me it looks like the eap-tls tunnel is not coming up cause of a not accepted certificate. The certificates work fine on all the other clients.
ipsec.conf:
# ipsec.conf - strongSwan IPsec configuration file
config setup
conn %default
keyexchange=ikev2
ike=aes256-sha1-modp1024!
esp=aes256-sha1!
dpdaction=clear
dpddelay=300s
rekey=no
left=%any
leftsubnet=0.0.0.0/0
leftauth=pubkey
leftcert=[hiddenCauseOfPrivacy].pem
leftid= [hiddenCauseOfPrivacy].net --> DNS Name
leftfirewall=yes
conn win7rad
right=%any
rightsourceip=%dhcp
rightauth=eap-radius
eap_identity=%identity
rightsendcert=never
auto=add
What can we do to analyze this problem in deep.
Regards
Martin Shemon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140514/bd1ab26a/attachment.html>
More information about the Users
mailing list