[strongSwan] eap-ttls-radius, how to compile client carol, is it enough?

Oleksandr Yermolenko aae at sumix.com
Wed Oct 8 13:51:02 CEST 2014


Andreas, thanks a lot for your answer and additional notes...
I will look at my freeradius configs in order to find the answer why it 
do isn’t work.

Oleksandr


On 10/08/2014 02:32 PM, Andreas Steffen wrote:
> Hello Oleksandr,
>
> On 08.10.2014 10:36, Oleksandr Yermolenko wrote:
>> Hello, everyone,
>>
>> environment: strongswan 2.5.0 and freeradius 3.04.
>>
>> my scenario based on
>> http://www.strongswan.org/uml/testresults/ikev2/rw-eap-ttls-radius/
>>
>> the question about configuring client carol?
>>
>> 1. is it correct?
>> ./configure --prefix=/usr --sysconfdir=/etc --enable-eap-md5
>> --enable-eap-ttls --enable-eap-identity
>>
> Yes, for the VPN client this is sufficient. If the CA which
> issued your Radius server and VPN gateway certificates maintains
> a Certificate Revocation List (CRL) then you could also enable
> the curl or soup HTTP fetcher plugins (--enable-curl or --enable-soup).
>
>> big thanks for your help and advices.
>>
>> Oleksandr
>
> Best regards
>
> Andreas
>
> ======================================================================
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Open Source VPN Solution! www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>



More information about the Users mailing list