[strongSwan] eap-ttls-radius, how to compile client carol, is it enough?

Andreas Steffen andreas.steffen at strongswan.org
Wed Oct 8 13:32:08 CEST 2014

Hello Oleksandr,

On 08.10.2014 10:36, Oleksandr Yermolenko wrote:
> Hello, everyone,
> environment: strongswan 2.5.0 and freeradius 3.04.
> my scenario based on
> http://www.strongswan.org/uml/testresults/ikev2/rw-eap-ttls-radius/
> the question about configuring client carol?
> 1. is it correct?
> ./configure --prefix=/usr --sysconfdir=/etc --enable-eap-md5
> --enable-eap-ttls --enable-eap-identity
Yes, for the VPN client this is sufficient. If the CA which
issued your Radius server and VPN gateway certificates maintains
a Certificate Revocation List (CRL) then you could also enable
the curl or soup HTTP fetcher plugins (--enable-curl or --enable-soup).

> big thanks for your help and advices.
> Oleksandr

Best regards


Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141008/842f5fc3/attachment.bin>

More information about the Users mailing list